ITsecurity
twitter facebook rss

GCHQ promises to share threat data with business

Posted by Kevin on June 18, 2014

There are many news reports around right now about GCHQ’s new plan to share it’s threat intelligence with business; and the security industry is scrambling to lend its support to the initiative. Therefore we welcome GCHQ aiding the defence of the UK’s cyber infrastructure by sharing its valuable threat intelligence with communication service providers. Rob […]

Yes, GCHQ really does collect the content of British communications

Posted by Kevin on June 17, 2014

You have to wonder why Cameron tried to force through the Communications Data Bill (you may remember, that was the one called the ‘Snoopers’ Charter’) when the Snowden files revealed that GCHQ was already doing pretty much everything the new law would allow them – that is, snooping on everyone in the UK (that’s you […]

Microsoft Vs the US government

Posted by Kevin on June 16, 2014

Microsoft’s case to prevent the United States government from using search warrants to demand data that is not stored in the United States has picked up a number of high-profile backers, including the Electronic Frontier Foundation, Verizon, AT&T, and, recently, Apple and Cisco. Tech Giants Join Microsoft In Calling For US Gov To End Use […]

CrowdStrike does a Mandiant and accuses the Chinese military

Posted by Kevin on June 14, 2014

Just three weeks after the FBI indicted five members of the Chinese military, and some 14 months after Mandiant’s initial ‘J’accuse China’ report, CrowdStrike has joined the party. While Mandiant tracked the APT1 hacking group to the Chinese military unit 61398 (“Unit 61398 is partially situated on Datong Road in Gaoqiaozhen, which is located in […]

JavaScript: New Privacy/Security Threat

Posted by Alexander Hanff on June 13, 2014

  Recently, a developer I know reasonably well contacted me to show me a new JavaScript library he had written which exposes information on all network adapters and connections on a PC. This code was able to detect -all- network adapters along with the IP addresses assigned to them including virtual adapters. This means that […]

Apple’s new Swift — is it secure?

Posted by Kevin on June 13, 2014

Apple’s new programming language for the Apple iOS and OS X ecosystem, Swift, has received widespread praise and enthusiasm. It was announced earlier this month at the Apple Worldwide Developers Conference in San Francisco. Swift is typical Apple — it is by Apple for Apple, and not much else. It is elegant and fun and […]

TweetDeck’s all-a-flutter

Posted by Kevin on June 12, 2014

OK, so what’s this all about? The first thing to note is the speed of TweetDeck’s reaction. As soon as they realised the problem, they shut down, fixed it, and restarted in just about one hour. So we’re safe now, yes? No, we’re never safe. All we can do is make a judgment on whether […]

The PF Chang’s breach and the lessons we should learn

Posted by Kevin on June 12, 2014

Brian Krebs reported Tuesday that fresh credit card details are being offered for sale on the internet. When he approached several banks over the details he found a common denominator: “all had been used at P.F. Chang’s locations between the beginning of March 2014 and May 19, 2014.” Contacted about the banks’ claims, the Scottsdale, […]

Watch Dogs-inspired hacking previews the internet of things

Posted by Kevin on June 11, 2014

The internet of things will be a kiddies’ playground, courtesy of Shodan. Shodan is a search engine that finds computer and server software connected to the internet rather than website content. But if those computers with that software have a known vulnerability, then any old kiddie with an exploit can get in. By way of […]

Two iPhone hackers probably behind the Oleg Pliss attacks arrested in Russia

Posted by Kevin on June 11, 2014

A Monday announcement by the Russian Interior Ministry claims that two men have been arrested following reports that iPhones have been blocked remotely and that ‘attackers’ have demanded money in order to release them. Although the Ministry announcement made no mention of non-Russian attacks, it seems almost certain that these are the same hackers behind […]