Stream

Join this community to post or comment

Identacor

Security  - 
 
Meet the deadliest virus in the history of cyber world.

#Virus #InternetSecurity #Threat #OnlineSecurity #Fact  
1
Add a comment...

Patrick Bay

Security  - 
 
 
"Antoine Vincent Jebara and Raja Rahbani have discovered a Mac Keychain vulnerability that hackers can easily exploit to steal passwords, certificates, etc. with very little user interaction needed. The duo stumbled upon the flaw while working on the Keychain for their identity management software Myki. They found out that attackers can craft commands that can make Mac's password management system prompt users to click an "Allow button" instead of asking them to type in their passwords. Once a user clicks that button, the malicious code can forward Keychain's contents via text, though the info could also be saved somewhere for download later on.

The malware required to trigger that process can be introduced into the victim's computer via innocuous files such as images, documents and spreadsheets. In fact, the proof of concept Rahbani and Jebara developed to test out what they discovered launches the malware-wrapped image in Preview after you click Allow. They designed it that way to show how that method can be used to allay any suspicion brewing in the back of the victim's mind."
"The malware required to trigger that process can be introduced into the victim's computer via innocuous files such as images, documents and spreadsheets."
3
2
Chris Harpner (CSharpner)'s profile photocorey drew bruce's profile photo
Add a comment...

David Bisson

Security  - 
 
British retailer WHSmith has suffered a data breach that has resulted in users' personal information being sent out to hundreds of customers' inboxes.

By David Bisson​ of +Tripwire, Inc.
British retailer WHSmith has suffered a data breach that has resulted in users' personal information being sent out to hundreds of customers' inboxes.
2
Add a comment...
 
How To Stay Secure in Insecure World http://oversitesentry.com/?p=2743  Google Security and other #cyber suggestions 
I want to highlight 2 current articles: http://www.infosecurity-magazine.com/news/pawn-storm-serves-malware-via-fake/. and. http://googleonlinesecurity.blogspot.com/2015/07/new-research-comparing-how-security.html · Google_Security-practices-expertsvsnonexpert. It is best to use good passwords, ...
3
1
Naim M Azmi's profile photo
Add a comment...

Joe Pettit

Security  - 
 
In the Godfather Part II, Michael Corleone says, “There are many things my father taught me here in this room. He taught me: keep your friends close, but your enemies closer.” This lesson Vito Corleone taught his son Michael is just as applicable to IT security.

+Tripwire, Inc. 
Once an organization inventories its hardware and software, the most important concern is security configuration management.
6
Add a comment...
 
Focus on Quality Improves Computer Security http://oversitesentry.com/?p=2734  #cybersecurity now defends against nation states 
There is a great white paper at sans.org Elizabeth Stanton wrote it to highlight “Security through Quality Assurance Practices”. I found it by doing a google search “quality computer security”. In my quest for trying to explain to non-security people why they need to pay more attention to ...
1
1
The Futurist's profile photo
Add a comment...
 
#Onlineadvertising has become an increasingly potent threat to end-user security on the internet. More hackers than ever are targeting the internet's money engine, using it as a powerful attack vector to hide exploits and compromise huge numbers of victims.
Malvertising, as poisoned ads are known, is as deadly as it is diverse. Hackers are able to poison advertisements with the world's most capable exploit kits, then pay to have it served on a large number of prominent websites. Up to half of users exposed to the very worst forms of malvertising fall victim, yet tracking the attacks is often tricky. Advertisements are dynamic and served only to certain users, on certain websites, in certain conditions, making attacks difficult to study.
Ads as an #attack vector was identified in 2007 when security responders began receiving reports of malware hitting user machines as victims viewed online advertisements. By year's end William Salusky of the SANS Internet Storms Centre had concocted a name for the attacks.
Feature Online advertising has become an increasingly potent threat to end-user security on the internet. More hackers than ever are targeting the internet's money engine, using it as a powerful attack vector to hide exploits and compromise huge numbers of victims.
6
3
Cheap SSL Coupon Code's profile photoYodi Collins's profile photoToufan Kamranii's profile photoAidan Doran's profile photo
 
Nice Infographic which will help to understand Malvertising in an easy manner.
Add a comment...

Tech Entice

Security  - 
 
 
Google tips developers how to Bypass Apple's security in order to sell Ads: What's Apple saying?
Apple has launched a new service along with iOS 9, called the App Transport Security or ATS which is a set of protocols that strengthen the security for iPhones.
5
4
Shibani Chakraborty's profile photoPatrick Cockman's profile photoAnthony Leo's profile photoToufan Kamranii's profile photo
 
Well I declare!.... all you hackers need to get with the program and focus on Apple.....why should an overpriced non expandable nonreplacable battery gadget be considered less vulnerable?.....the people buying those things don't have any respect for the value of a buck......cmon!.....can you say unix?.....I mean billionaires use Apple.....leave us regular chaps and chappies alone!
Add a comment...
 
Are you prepared for a ransomware event in your company?
IBMs XForce threat teams Q3 threat intelligence report cites ransomware as a major issue.
4
1
InfoSaaS's profile photo
Add a comment...
 
If a Firewall is Useless What to Do? http://oversitesentry.com/?p=2721  #cybersecurity problems dilemmas in 2015 
As I was scanning the Internet for interesting relevant articles this is the one I thought was unique in discussing a fundamental issue of our time(in 2015). http://www.infoworld.com/article/2616931/firewall-software/why-you-don-t-need-a-firewall.html. Plus Roger Grimes discusses buffer ...
3
1
Kevin Wright's profile photoᏩ가을동화 (ᏌиequalᏩ)'s profile photo
 
Every vampire knows........he must be invited in. .......now regarding mobile devices......if you don't need internet access...... Turn it off......take a page from the antiaircraft missile sites and enable WiFi only when you need it.....geolocation will help a hacker.
Add a comment...
 
Dangerous Vulnerability? Some Routers Bad UPnP Authentication http://oversitesentry.com/?p=2749  #cybersecurity exploit problems 
This is the problem with some security issues: http://www.kb.cert.org/vuls/id/361684. Home routers implementing the UPnP protocol do not sufficiently randomize UUIDs in UPnP control URLs, or implement other UPnP security measures. routervendor-unknowneffects. This attack has the beginnings of a ...
2
2
Jaeson Kalmoni's profile photoSumit Grover's profile photoMatthew Curry's profile photo
2 comments
 
Interestingly, this has been a known issue since at least 2013..  http://www.zdnet.com/article/how-to-fix-the-upnp-security-holes/
Add a comment...

Rob Ponce

Security  - 
 
I would suggest reading this article if you own a Lenovo laptop/desktop.
Rob Ponce originally shared:
 
For those of you whom have a Lenovo laptop/desktop manufactured (not purchased) between Oct 23, 2014 and Apr 10, 2015, YOU NEED TO READ THIS ARTICLE! Follow the links to download the firmware update to remove this "crapware" from your systems.
1
Rob Ponce's profile photo
 
Oh, and probably should share with your family and friends too...
Add a comment...
 
Half of departing employees keep confidential corporate data when they leave organizations, according to a recent study. 
1
Add a comment...

Traven West

Security  - 
 
It seems that the whitehat dudes are getting ahead of the game. And thanks to one of my clients, we may have a half-good solution. 
Skyport's SkySecure solution sells nearly impenetrable admin boxes.
3
2
Adam Timol's profile photoIzzy Blacklock's profile photoAbak Hoben's profile photo
 
I LOLed
Add a comment...
3
Add a comment...

Casey Warren

Security  - 
 
What's interesting about this article is it explains how to use the exploit and how to minimize the chance of the exploit being used. An important read if you thought you were safe because you were using WPA2. 
Your Wi-Fi network is your conveniently wireless gateway to the internet, and since you're not keen on sharing your connection with any old hooligan who happens to be walking past your home, you secure your network with a password, right? Knowing, as you might, how easy it is to crack a WEP password, you probably secure your network using the more bulletproof WPA security protocol. How to Crack a Wi-Fi Network's WEP Password with BackTrack How to...
20
7
Kuo Huang's profile photoDamon Randel's profile photoAhmed Sheipani (Shumbashi)'s profile photoBalasubramanian Nagarajan's profile photo
4 comments
 
Check this list out, It will show you if your router is vulnerable.
https://docs.google.com/spreadsheet/ccc?key=0Ags-JmeLMFP2dFp2dkhJZGIxTTFkdFpEUDNSSHZEN3c#gid=0
Add a comment...
 

Analyzing Data Breaches: Can we Tolerate Status Quo? http://oversitesentry.com/?p=2726 #cybersecurity risk assessment 
An interesting paper on the analysis of the frequency of data breaches. It is an attempt by Benjamin Edwards, Steven Hofmeyr, and Stephanie Forrest. These researchers obtained the data from https://www.privacyrights.org breach info. The PRC(Privacy Rights Clearinghouse) has compiled a Chronology ...
2
3
Kevin Wright's profile photoJesse Mundis's profile photoPatrick Cockman's profile photoDavid Ford (FirefighterBlu3)'s profile photo
 
Looks like it corresponds to paydays......in fact that is a fact......
Add a comment...

Timothy King

Security  - 
 
In a flurry of press releases last week, Unitrends, a member of our Backup and Disaster Recovery Solutions Directory, and one of the top vendors in the enterprise Business Continuity space, made se...
1
Add a comment...

Rob Ponce

Security  - 
 
I thought this was a rather interesting article. I'm glad to see the word "hack" being used for what it was intended for
1
Add a comment...