Network World wrote about an interesting attack that is – at least in this case – very simple to fix. First, what is Pharming. When you go to your browser and type in www. foo.com, you are trusting the browser to actually send you to foo.com. What if it really sent you to badfoo.com? Badfoo.com […]
Continue reading → [DISPLAY_ACURAX_ICONS]I wrote a couple of days ago that The Intercept reported that the SIM and banking card maker Gemalto was hacked by GCHQ and NSA. Well, now, after just a couple of days, Gemalto says not to worry, everything is cool. We looked at our logs and while GCHQ might have gotten into our […]
Continue reading → [DISPLAY_ACURAX_ICONS]Risk Based Security released their 2014 data breach report (available here) with some impressive numbers. I am just going to highlight a few; read the report if you would like more details. 3,014 data breach incidents (up 28.5%) 1.1 Billion records breached (up 22.3%) 72.5% of the incidents released less than 10,000 records 55.3% of […]
Continue reading → [DISPLAY_ACURAX_ICONS]I wrote the other day (see post) about malware (called Superfish) that Lenovo intentionally installed on their computers in the name of improving your customer experience. Well, they admit that it was poorly thought out, but only for one of the two reasons I am concerned about. They admit that snooping on your private conversations […]
Continue reading → [DISPLAY_ACURAX_ICONS]CSO Magazine is reporting on an experiment conducted by the Ponemon Institute. They sent researchers disguised as temporary employees, with temporary badges, into 43 offices belonging to 7 companies. The management was aware of the plan but the office staffs were not aware. The researchers went into the offices, wandered around, took pictures of computer […]
Continue reading → [DISPLAY_ACURAX_ICONS]We have known for a long time that the encryption on cell phone calls and text messages was relatively weak, but apparently, cracking that was more work than GCHQ, the British version of the NSA, wanted to do. People have been beating up the NSA for being, well, the NSA. I have said, whether we […]
Continue reading → [DISPLAY_ACURAX_ICONS]