News & Features
Friday, 24 May 2013
Starting in August, Google will issue new certificates for its services. The company especially plans to scrap certificates with old 1024-bit RSA keys and replace them with 2048-bit ones
more »
On The H's radar over the last seven days: how to store and protect SSH keys, Wireshark 1.8.7 and 1.6.15, game engine vulnerabilities, Volatility plugins, irrevocable SSL certificates, and historical parallels to the internet
more »
Reporters investigating a leak of personal information from two phone companies found themselves facing a cease-and-desist letter from the companies who accused them of hacking their systems, a claim the news service denies
more »
An introduction to analysing the Blackberry Z10 and the new Blackberry OS
more »
Thursday, 23 May 2013
Current customers can still use the products until their subscription runs out. Symantec says that customers who are affected by the change should switch to Norton products
more »
Apple has released QuickTime 7.7.4, fixing 12 critical security holes causing memory corruption and buffer overflows when processing a number of media formats
more »
A code sent by SMS, in addition to the standard password, will improve security for Twitter accounts - not a bad idea, after recent problems with hacked accounts sending out false reports
more »
Wednesday, 22 May 2013
Chrome 27.0.1453.93 closes 17 security vulnerabilities for which Google has paid out almost $15,000. The newest version of the browser also improves page load speed for pages with many assets
more »
Unscrupulous profiteers are openly offering DDoS attacks as a service. They have no fear of being prosecuted - according to a reputable US blogger, the prosecutors themselves might be on board
more »
Available free of charge, the Clueful app exposes Android programs that don't take users' privacy seriously enough, for example by sending personal information to advertising networks
more »
The hacker attacks on Google in late 2009 may have had a greater impact than previously thought. The attackers reportedly had access to information on foreign agents collected by the US counterintelligence service
more »
Tuesday, 21 May 2013
Alerted by the levels of outgoing traffic, Yahoo Japan believes that 22 million user IDs were leaked from their systems but it is confident that no password or other verification data was involved in the exfiltration
more »
Back in February, a report by cybersecurity firm Mandiant exposed a Chinese military unit that targeted companies and media in the US. When the New York Times ran a feature on the APT1 group, things went quiet around the group. Now, APT1 has resumed operation
more »
The latest version of the live Debian Linux distribution for anonymity and privacy especially in repressive environments is now available with on the fly package updating and support for the latest obfuscation bridges
more »
Monday, 20 May 2013
Among the enhancements in NetBSD 6.1 is support for the Raspberry Pi's USB and onboard Ethernet, along with security and bug fixes. The same fixes are also in the newly released 6.0.2
more »
A convenient online search facility is now available for the enormous amount of data that was accumulated during a port scan of the entire internet
more »
Saturday, 18 May 2013
In the week ending 18 May Microsoft is reading what you type in Skype's chat, an exploit for the Linux kernel is discovered, Google unveils its new IDE for developing Android applications, and the International Space Station is using more Linux
more »
Friday, 17 May 2013
On The H's radar over the last seven days: Samsung's Smart TV software, phone scammers with their own hotline, tricking malware with Vaccination, Qualcomm is pre-installing Kaspersky on Android phones and Twitter account security
more »
A newly found item of Mac malware appears to have been signed by its creator but is apparently unable to deliver its cache of screenshots to the two command and control servers it is meant to connect to
more »
The ownCloud developers have released versions 5.0.6, 4.0.15, and 4.5.11 to fix a number of serious vulnerabilities in their software including SQL injection, code execution and privilege escalation problems
more »
Thursday, 16 May 2013
Four hackers from the infamous group LulzSec were sentenced in the UK today. Three of them are facing prison, while the fourth got a suspended sentence
more »
What is someone scanning the internet for easily accessible industrial plants actually up to? The SCADA honeypot Conpot can help supply answers to that question
more »
The zPanel server is unavailable at the moment, most likely as a result of a hacker attack brought on by a member of the support team who swore at a forum user
more »
At the meeting of the RIPE IP address registry, discussions revolved around how to get black sheep to implement overdue security measures
more »
To avoid the need to develop new fuzz testing tools, researchers at Fraunhofer FOKUS institute have created the Fuzzino open source fuzzing library that can be used to add fuzzing features to existing test tools
more »
ownCloud fixes critical security vulnerabilities
