Archive for December, 2015 | Monthly archive page

Feds widen probe into lottery IT boss who rooted game for profit

37 US states could have been scammed by rogue security guy. In July, Eddie Tipton, 52, was found guilty of installing a rootkit in the MSLA’s random-number generating computer that allowed him to predict the digits for future winning tickets. He also tampered with security cameras to cover up his time at the keyboard, the […]

Database of 191 million U.S. voters exposed on Internet

An independent computer security researcher uncovered a database of information on 191 million voters that is exposed on the open Internet due to an incorrectly configured database, he said on Monday. The database includes names, addresses, birth dates, party affiliations, phone numbers and emails of voters in all 50 U.S. states and Washington, researcher Chris […]

AVG: “Web TuneUP” extension multiple critical vulnerabilities: exposes browsing history and other personal data

When a user installs AVG AntiVirus, a Chrome extension called “AVG Web TuneUp” with extension id chfdnecihphmhljaaejmgoiahnihplgn is force-installed. I can see from the webstore statistics it has nearly 9 million active Chrome users. The attached exploit steals cookies from avg.com. It also exposes browsing history and other personal data to the internet, I wouldn’t […]

Springer releases ±60k books online for free

Source: Search Results – Springer. An awesome list of science books.

Windows 10 uploads your Encryption Key to Microsoft with no opt-out.

One of the excellent features of new Windows devices is that disk encryption is built-in and turned on by default, protecting your data in case your device is lost or stolen. But what is less well-known is that, if you are like most users and log in to Windows 10 using your Microsoft account, your computer […]

Australian government urges holidaymakers to kill two-factor auth

The official Twitter account for myGov – a portal for accessing government services online – told Aussies this week: “Going overseas this summer? If you’re registered for myGov security codes make sure you turn them off before you go.” The startling tweets come complete with professional cartoon graphics, clearly suggesting that rather than a civil […]

Washington State released thousands of inmates early in error due to poor software

Gov. Jay Inslee says the Washington Department of Corrections has been making mistakes in calculating sentences since 2002, resulting in thousands of inmates leaving prison early. Corrections officials learned of the problem in 2012. Source: ‘Totally unacceptable’: State knew thousands of inmates were released in error. This is why QA is so important!

How to log into any backdoored Juniper firewall – hard-coded password published

And that password is:

Star Wars and Empire Strikes Back despecialised editions

Info on Star Wars; info on Empire Strikes Back.

Swedish researchers reveal (fixable) security hole in quantum cryptography

The energy-time entanglement technology for quantum encryption studied here is based on testing the connection at the same time as the encryption key is created. Two photons are sent out at exactly the same time in different directions. At both ends of the connection is an interferometer where a small phase shift is added. This […]

The First Person to Hack the iPhone Built a Self-Driving Car. In His Garage.

George Hotz is taking on Google and Tesla by himself. Source: The First Person to Hack the iPhone Built a Self-Driving Car. In His Garage. He’s sticking it to Elon Musk, who isn’t very happy about it! Which is why they’ve issued a “correction” which sounds highly petulant.

BadWinmail (Flash) Microsoft Outlook Bug Can Give Attackers Control Over PCs

When a user opens an Outlook email or previews the email in one of the Outlook panels, the OLE mechanism will automatically read the embedded Flash object and try to execute it, to provide a preview. Since most Flash exploits only need to be executed to work, and because there’s a flaw in the Outlook […]

Some Rainbows Don’t Have Every Color of the Rainbow: there are 12 types

There are at least 12 kinds of rainbows, a new study reveals, and some skip a color or two. Since the 1950s, rainbow classification has been based on the size of the raindrops that create them. The bigger the drops, the more vivid the colors. Another attempt organized them by the height of the sun […]

RayZone InterApp: The Gadget That Can Spy on Any Smartphone

InterApp can allow its operators to break into nearby smartphones that have their WiFi connection open, and then, employing a diverse arsenal of security vulnerabilities, gain root permission on devices and exfiltrate information to a tactical server. According to Rayzone, InterApp can steal a user’s email address password and content, passwords for social networking apps, […]

Database leak exposes 3.3 million Hello Kitty fans

A database for sanriotown.com, the official online community for Hello Kitty and other Sanrio characters, has been discovered online by researcher Chris Vickery. The database houses 3.3 million accounts, and has ties to a number of other Hello Kitty portals. The records exposed include first and last names, birthday (encoded, but easily reversible Vickery said), […]

The Secret Surveillance Catalogue

A source provided The Intercept with a secret, internal catalogue of cell-phone surveillance devices used by the military and intelligence agencies. Source: The Secret Surveillance Catalogue

Juniper ScreenOS® contains unauthorised code, opens your VPNs

Ouch. Source: Important Announcement about ScreenOS® – J-Net Community

Project Zero: FireEye security appliance Exploited by passing jar file through it

FireEye sell security appliances to enterprise and government customers. FireEye’s flagship products are monitoring devices designed to be installed at egress points of large networks, i.e. where traffic flows from the intranet to the internet. Source: Project Zero: FireEye Exploitation: Project Zero’s Vulnerability of the Beast. All you need to do is send the jar […]

Bionic eye will send images direct to the brain to restore sight via 500 pixel “display”

The plan is to implant up to 11 small tiles, each loaded with 43 electrodes, into areas of the brain that deal with vision. When these areas are stimulated, people report seeing flashes of light. Lowery believes that each electrode could create a dot of light that is similar to seeing one pixel. In total, […]

Microsoft: Upgrade to Windows 10 NOW or TONIGHT!

The large pop-up screen, which first appeared over the weekend, gives users the option of upgrading straight away or … that evening. Users can still opt out by clicking on the red ‘X’ in the top right corner of the window, but less savvy computer users (part of Redmond’s core market segments) might not figure […]

Machine Learning Inspired by Human Learning – AI can learn handwriting using a single example

Taking inspiration from the way humans seem to learn, scientists have created AI software capable of picking up new knowledge in a far more efficient and sophisticated way. The new AI program can recognize a handwritten character about as accurately as a human can, after seeing just a single example. The best existing machine-learning algorithms, […]

Philips Hue will be kept open after all

Philips is reversing its decision to no longer open its Philips Hue system to other lamp suppliers. The company is working on new firmware that will undo the changes. Source: Philips stelt zijn Hue systeem alsnog open voor derden – Emerce. Many complaints caused a turnaround.

Congress strips out privacy protections from CISA ‘security’ bill

Under the original CISA legislation, companies would share their users’ information with federal government departments once it had been anonymized. The government could then analyze it for online threats, while the companies received legal immunity from prosecution for breaking existing privacy agreements. But as the bill was amended, the privacy parts of the proposed law […]

Privacy advocates like EU new privacy law proposal. Big business and advertisers not so much.

IAB Europe is very concerned about the new harmonised privacy laws that take effect in Europe in 2018. Apple, Google, Microsoft and Nederland ICT also see economic obstacles arising. Source: IAB: ‘Nieuwe privacywet maakt online branche kreupel’ – Emerce

Grub2 Authentication Bypass: press backspace 28 times

A vulnerability in Grub2 has been found. Versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be exploited under certain circumstances, allowing local attackers to bypass any kind of authentication (plain or hashed passwords). And so, the attacker may take control of the computer. Source: Back to 28: Grub2 Authentication […]

 