Hardware hacker and security researcher Samy Kamkar has released a slick new device that masquerades as a typical USB wall charger but in fact houses a keylogger capable of recording keystrokes from nearby wireless keyboards.
Tag Archives: Featured
Certificate Transparency Moves Forward With First Independent Log
The Certificate Transparency scheme proposed by Google engineers has taken a couple of significant steps forward recently, with the approval of the first independent certificate log and the passing of a deadline for all extended validation certificates to be CT-compliant or lose the green indicator in Google Chrome. On Jan. 1, a CT log operated by […]
Researchers Say POODLE Attack Affects Some TLS Implementations
The POODLE attack against SSLv3 that researchers from Google revealed earlier this year also affects some implementations of TLS and vendors now are scrambling to release patches for gear affected by the vulnerability. Soon after the POODLE attack was disclosed in October, researchers began looking into whether it might affect protocols other than SSLv3. It quickly […]
WhatsApp Adds Encryption by Default to Android App
WhatsApp, a massively popular messaging app, recently added end-to-end encryption for some mobile clients, a move that brings a high level of security to millions of users. The change is the result of a partnership with Open Whisper Systems, the secure text and mobile OS company started by security researcher Moxie Marlinspike. Twitter acquired Open […]
Matsnu Botnet DGA Discovers Power of Words
The Matsnu botnet has deployed a new domain generation algorithm that builds domain names from a list of nouns and verbs. The plain English phrases help the DGA elude detection.
Shellshock Exploits Targeting SMTP Servers at Webhosts
SANS Internet Storm Center reports attacks against SMTP servers using Shellshock exploits to create a DDoS botnet.
AT&T Hit By Insider Breach
AT&T is warning consumers about a data breach involving an insider who illegally accessed the personal information of an unspecified number of users.
Malware-Laced Emails Appear to Come From LogMeIn
Spam emails pretending to be a security update for LogMeIn users, including a new security certificate countering Heartbleed attacks, are making the rounds, warns the SANS Institute.
Big Batch of Bugs Fixed in Various Versions of IDA
The makers of the popular IDA disassembly and debugging tool have fixed more than a dozen security vulnerabilities in a variety of versions. Some of the vulnerabilities are a couple of years old, and patches are provided for versions from 6.1 up through 6.6. IDA is a tool used by malware analysts, security researchers and […]
‘Kyle and Stan’ Malvertising Network Targets Windows and Mac Users
A malvertising network that has been operating since at least May has been able to place malicious ads on a number of high-profile sites, including Amazon and YouTube and serves a unique piece of malware to each victim. The network, dubbed Kyle and Stan by the Cisco researchers who analyzed its activities and reach, comprises […]