ITsecurity
twitter facebook rss

Android exfiltration, OpenSSL, and iOS app memory handling

Posted by David Harley on March 18, 2015

[Update: details of the OpenSSL advisory released after this blog here. Note that the FREAK-related CVE-2015-0204 flagged by Intego here is reclassified as ‘severe’ and upgrades are advised: This was classified low because it was originally thought that server RSA export ciphersuite support was rare: a client was only vulnerable to a MITM attack against a server […]

Steve Gold: a Journalist and a Gentleman

Posted by David Harley on January 14, 2015

I remember Steve as an amusing and knowledgeable conversationalist and commentator. As a journalist, he was outstanding.

Taking Back My Privacy – DIY Secure Phone

Posted by Alexander Hanff on November 14, 2014

Over the last week I decided to start a new project mostly as a proof of concept but also down to curiosity as to how easy/difficult it would be – I decided to try to make myself a secure phone. Hardware-wise it was fairly simple, I have an old HTC Desire handset which has been […]

Mobile Malware: Should I Keep Taking The Tablets?

Posted by David Harley on October 14, 2014

I recently came across a comment to one of my blogs – it doesn’t matter which, because it didn’t actually relate directly to the article it was attached to. The commenter wanted to know whether she needed to install anti-virus onto her tablet, because ‘tablets can’t get viruses’, as her son had told her, and […]

ITsecurity Daily News: 10/03/2014

Posted by Kevin on October 3, 2014

The ITsecurity daily security briefing: Friday, October 3, 2014. If you find this security briefing useful, please spread the word via social media. If you have any comments or recommendations, please email kevtownsend at gmail dot com. NEWS ONLY TODAY News Papers/Reports WebThings Events M&A Alerts News Government to use a Bill of Rights to […]

ITsecurity Daily News: 09/19/2014

Posted by Kevin on September 19, 2014

The ITsecurity daily security briefing: Friday, September 19, 2014. If you find this security briefing useful, please spread the word via social media. If you have any comments or recommendations, please email kevtownsend at gmail dot com. News Papers/Reports WebThings Events M&A Alerts News Vupen has a competitor – Kevin Mitnick   Vupen is the […]

ITsecurity Daily News: 09/04/2014

Posted by Kevin on September 4, 2014

The ITsecurity daily security briefing: Thursday, September 4, 2014. If you find this security briefing useful, please spread the word via social media. If you have any comments or recommendations, please email kevtownsend at gmail dot com. News Papers/Reports WebThings Events M&A Alerts News “You violate our rights, we tear down your databases.” Anonymous   […]

ITsecurity Daily News: 08/21/2014

Posted by Kevin on August 21, 2014

The ITsecurity daily security briefing: Thursday, August 21, 2014. If you find this security briefing useful, please spread the word via social media. If you have any comments or recommendations, please email kevtownsend at gmail dot com. News Papers/Reports WebThings Events M&A Alerts News “El Machete” details A new targeted attack. “‘Machete’ is a targeted […]

Daily ITsecurity Briefings: 08/12/2014

Posted by Kevin on August 12, 2014

(This is a pilot for what will hopefully become a daily service. All thoughts and opinions, advice and criticisms on content, length and design would be gratefully received – either here in the comments or by email to kevtownsend at gmail.com. Blatant trolling will simply be ignored.)   WHITEPAPERS & REPORTS BlackHat USA 2014 – […]

Never tell an AV guy that he’s unnecessary

Posted by Kevin on July 8, 2014

If there is one thing I have learnt in years of security, it is this: never tell an AV guy that he is not necessary. But that is exactly what Adrian Ludwig, the lead engineer for Android security at Google, seems to have told the Sydney Morning Herald: The majority of Android smartphone and tablet […]