I am sure that many of you have used the Uber and Lyft ride sharing services, but have you thought about what would happen if the driver was in an accident. You might want to. Insurance Networking News recently reported about a new coverage that one insurance company (Erie) is offering to provide coverage to […]
Continue reading → [DISPLAY_ACURAX_ICONS]There was an interesting article in Wired that “outed” Verizon’s use of perma-cookies. Simply explained, perma-cookies are cookies that identify the user that are added by the carrier between the user’s browser and the receiving web site. The effect of this is an ID that will follow the user, potentially across devices, silently, with no […]
Continue reading → [DISPLAY_ACURAX_ICONS]Microsoft released an out of band patch today for all supported versions of Windows. The patch fixes a privately reported bug in the Kerberos Key Distribution Center (KDC) protoccol. If unpatched, it would allow an unauthorized user to execute an elevation of privilege attack. “The problem stems from a failure to properly validate cryptographic signatures which […]
Continue reading → [DISPLAY_ACURAX_ICONS]According to the Wall Street Journal (pay link), the government (US Marshals Service) is flying “dirtboxes” in small airplanes to capture the signals from your cell phone. Basically, a dirtbox is a self contained cell tower with a strong signal. Since your cell phone will connect to the strongest signal, if the dirtbox winds up […]
Continue reading → [DISPLAY_ACURAX_ICONS]FireEye , a security research firm, recently disclosed an interesting attack against iOS devices. Apparently, iOS allows a rogue iPhone app to replace a genuine iPhone app. Once that rogue app is now installed, it can do anything the real app could do – PLUS send a copy of your banking credentials Moscow or Kiev […]
Continue reading → [DISPLAY_ACURAX_ICONS]An article in SC Magazine recommends that organizations apply this month’s Microsoft patches very quickly. Among the patches: One vulnerability, CVE-2014-6332, had been remotely exploitable for 18 years prior to its patch, and could be used by an attacker to circumvent Microsoft’s free anti-exploitation tool EMET and its Enhanced Protected Mode (EPM) sandbox in Internet […]
Continue reading → [DISPLAY_ACURAX_ICONS]