VeriSign revealed to have suffered repeated security breaches in 2010
It took some digging through more than 2,000 pages of SEC documents, but Reuters revealed today that VeriSign was attacked “repeatedly” by hackers in 2010, and that some undisclosed information was stolen from the company. The key danger there is the DNS records that the company manages — which ensure that URLs take you to the correct website — but VeriSign says that its executives “do not believe these attacks breached the servers that support our Domain Name System network.” As Reuters notes, however, the company isn’t ruling anything out. Details on the attacks themselves (or the exact number and timing of them) are otherwise hard to come by, but it’s reported that VeriSign’s security staff did not notify top management until September of 2011 — although they are said to have “responded” to the attacks themselves
Read more here:
VeriSign revealed to have suffered repeated security breaches in 2010
Google’s ‘Bouncer’ service scans the Android Market for malware, will judge you at the door
Google has had its fair share of malware-related problems in the Android Market , but that’s hopefully about to change, now that the company has announced a new security-enhancing service.
Continued here:
Google’s ‘Bouncer’ service scans the Android Market for malware, will judge you at the door
Passware claims FileVault 2 can be cracked in under an hour, sells you the software to prove it
Lunch hours may never feel safe again.
View article:
Passware claims FileVault 2 can be cracked in under an hour, sells you the software to prove it
Source code theft prompts Symantec to issue warning to customers
Security software publisher Symantec has confirmed it was the victim of a cyber attack, resulting in the theft and disclosure of product source code. Earlier this month, the online-collective Anonymous stated, via Twitter, that it possessed portions of the code in question and planned to release it in support of a class-action lawsuit filed by consumers — the suit claims Symantec employed scare tactics to encourage users to purchase its wares. Via its website, the company affirmed Anonymous’ claims, citing a source code heist dating back to 2006.
Taken from:
Source code theft prompts Symantec to issue warning to customers
O2 data breach potentially shares your cellphone number with the world (Updated)
There’s an alarming rumor circulating that suggests that UK network O2 forwards your phone number to any website visited on a smartphone.
See more here:
O2 data breach potentially shares your cellphone number with the world (Updated)
O2 data breach potentially shares your cellphone number with the world
There’s an alarming rumor circulating that suggests that UK network O2 forwards your phone number to any website visited on a smartphone. Lewis Peckover built a site that displays the header data sent to sites you visit, finding a network-specific field called “x-up-calling-line-id” which displayed his number.
Read this article:
O2 data breach potentially shares your cellphone number with the world
SITA and Orange develop NFC-based airport check-ins, let you bump the TSA (video)
You’ve been there before — fumbling in-front of a non-enthused security agent, trying to download your fancy mobile boarding pass over an uncooperative network. It’s that kind of awkwardness that SITA and Orange are trying to avoid with their NFC-based check-in solution. In their joint proof-of-concept, the duo embedded ticket credentials into an NFC-capable SIM card — meaning phones without NFC circuitry can also use the tech — which enables airport plebes to check-in, get through security, board planes and even enter lounges with just a wave of your phone
Continue reading here:
SITA and Orange develop NFC-based airport check-ins, let you bump the TSA (video)
Samsung Galaxy S II and Galaxy Tab get security nod, certified for government agencies
We didn’t have much to complain about when it came to Samsung’s flagship phone and tablet, so we’re glad to see that both the Galaxy S II and Tab 10.1 have managed to jump through the requisite hoops for FIPS certification. The business-centric feature means that both Samsung devices have been given the thumbs up for use in governmental agencies and other similarly stickler-for-the-rule industries
Visit site:
Samsung Galaxy S II and Galaxy Tab get security nod, certified for government agencies
Japan working on powerful cyber weapon, knows best defense is a good offense
The Japanese government has been (relatively) quietly churning away on an advanced new cyber weapon . In the post Stuxnet age it’s no surprise that a government would be working on powerful new tools to defend its digital borders , but this particular virus (developed with help from Fujitsu) is raising eyebrows with some over how it accomplishes its goals. Essentially, when it detects an intruding piece of malware, the program follows the virtual trail left behind back to the attack’s source — disabling every machine it encounters along the way.
Continue reading here:
Japan working on powerful cyber weapon, knows best defense is a good offense
EFF takes the fight to Carrier IQ, requests reinforcements
If we didn’t love the EFF already, we’d be proposing marriage now that it’s managed to reverse-engineer Carrier IQ’s pernicious monitoring software. CIQ exists in phones in three parts, the app itself, a configuration file and a database — where your keystrokes and coded “metrics” are logged before being sent to the company. Volunteer Jared Wierzbicki cracked the configuration profile and produced IQIQ , an Android app that reveals what parts of your activity are being monitored.
Continue Reading:
EFF takes the fight to Carrier IQ, requests reinforcements