▼
Friday, October 31, 2014
Thursday, October 30, 2014
Wednesday, October 29, 2014
Microsoft Band (wrist) $200
Microsoft has announced a new hardware worn on the wrist that connects to the Microsoft Health service. 10 sensors including heart rate.
CurrentC has been hacked..
The proposed replacement for ApplePay/GoogleWallet etc, backed by Walmart and others, has been hacked. Tester's email info stolen.
Tuesday, October 28, 2014
Monday, October 27, 2014
OS X saving "unsaved data" to iCloud, it is encrypted but they have the key
If you work with OS X and sensitive data, you might want to read this article.
apt-get for Windows 10?
New powershell interface allows users to download applications from the Windows Store?
Sunday, October 26, 2014
Samsung KNOX stores PIN in cleartext?
"Specifically, a pin.xml file stored in the ContainerApp stored on the device during setup contains the unencrypted PIN number."
Require-Recipient-Valid-Since (RRVS) SMTP header
Yahoo and Facebook add to the SMTP header to help eliminate abandoned email spoofing.
Retailers avoiding Apple Pay
Walmart, CVS, and others are backing CurrentC, a payment method that avoids credit card companies to avoid swipe charges.
Wednesday, October 22, 2014
Google Inbox
A redesigned email interface with Android/IOS clients. Google Now + Gmail + a few more features.
Using Windows Update to "brick" fake USB-to-Serial controllers
A chip company, FTDI, has delivered a driver via Windows Update that detects and neutralized counterfeit chips.
What is Magic Leap?
Google and others have invested in Magic Leap, wearable technology that hasn't had a public demo. Remember the Segway?
Apple posts info about iCloud security
After China was reportedly interfering, Apple wants you to be sure that you are connecting to the proper server.
Koler android ransomware
Demands money, can spread via SMS to evil link. Make sure you only download Apps from Google/Amazon and only very popular ones with brand name appeal.
Tuesday, October 21, 2014
Google adds USB "key" to security lineup
Via a <$30 usb key that does crypto you can now log into your Google account more securely.
New Windows 0-Day delivered via Powerpoint
A new 0-day vulnerability has been found in Windows OLE (object linking and embedding) interpreter. The attack is being delivered as an OLE object embedded in a PowerPoint file.
Monday, October 20, 2014
Friday, October 17, 2014
Wednesday, October 15, 2014
SSLv3 POODLE Attack
Google Security Engineers have detailed an attack on the outdated SSLv3 protocol. Most browsers will re-negotiate to the older protocol if asked. Quickest solution is to disable SSLv3.
Monday, October 13, 2014
Oct 2014 Patch Tuesday
Microsoft is releasing patches today, make sure to update your PCs. Oracle is also releasing patching Java. Check your Adobe products too.
Hundreds of Dropbox user passwords posted on Reddit
Company says it wasn't hacked and that passwords were stolen from "third party services." Says most passwords are "expired." You should change your Dropbox password.
Twitter files lawsuit, wants to be able to post gov't requests for data
Trying to pressure the US Govt into letting it post the request it receives for user data from the US Govt.
Sunday, October 12, 2014
Thursday, October 9, 2014
AT&T force to pay back $80m
Due to the practice of "cramming" its users with confusingly labeled subscription charges for such things as ringtones.
Google Boss, "Spying scares will break the Internet"
Eric Schmidt worries that NSA spying will cause ecommerce to fail as well as other services based on the Internet.
Monday, October 6, 2014
Return of the Crypto Wars
Apple will no longer be able to hand the "keys" to your encrypted files to Law Enforcement, and that's causing some problems.
Sunday, October 5, 2014
Facebook "changing" ways it performs social research
Now going to have groups containing a variety of professionals review requests to use Facebook data for research.
New OS X botnet, "communicates" via Reddit
Dr. Web has discovered a new botnet composed of 17000 Macs that can find command servers via Reddit. Apple has updated "Xprotect" to prevent infection.