Material that can  remember several shapes

We integrate the elasticity and plasticity into a single polymer network. Rational molecular design allows these two opposite behaviors to be realized at different temperature ranges without any overlap Source: Shape memory polymer network with thermally distinct elasticity and plasticity Basically you can save different shapes and recover to those different shapes hundreds of times.

How an IRS Employee Allegedly Stole $1 Million from Taxpayers

Few, if any, companies or government agencies store more sensitive personal information than the IRS, and consumers have virtually no insight into how that data is used and secured. But, as the results of a recent Justice Department investigation show, when you start poking around in those dark corners, you sometimes find very ugly things. Read more about How an IRS Employee Allegedly Stole $1 Million from Taxpayers[…]

HTTPS Bicycle Attack – Obtaining Password lengths From TLS Encrypted Browser Requests

The HTTPS Bicycle attack can result in the length of personal and secret data being exposed from a packet capture of a user’s HTTPS traffic. For example, the length of passwords and other data (such as GPS co-ordinates) can be determined simply by analysing the lengths of the encrypted traffic.Some of the key observations of Read more about HTTPS Bicycle Attack – Obtaining Password lengths From TLS Encrypted Browser Requests[…]

SLOTH attack means MD5 needs to be removed from TLS and SSH ASAP

In a paper [PDF] published in time for a cryptography conference in Silicon Valley this week, the authors from French research institute INRIA note that while MD5 (and its successor SHA1) are being phased out, they continue to be used in “mainstream protocols” like TLS, IKE, and SSH. This is not exactly news, but the Read more about SLOTH attack means MD5 needs to be removed from TLS and SSH ASAP[…]

Silent Circle Blackphone Icera Modem Security Patch

SentinelOne director of mobile research Tim Strazzere said he found an open socket—shell@blackphone:/dev/socket $ ls ­l at_pal srw­rw­rw­ radio system 2015­07­31 17:51 at_pal—accessible on the phone that the agps_daemon, a system-level shell is able to communicate with. The vulnerability, CVE-2015-6841, is specific to the modem used by the Blackphone, the Icera modem developed by nVidia. Read more about Silent Circle Blackphone Icera Modem Security Patch[…]

Time Warner Cable says up to 320,000 customers’ data may have been stolen

Time Warner Cable Inc said on Wednesday up to 320,000 customers may have had their email passwords stolen. The company said email and password details were likely gathered either through malware downloaded during phishing attacks or indirectly through data breaches of other companies that stored Time Warner Cable’s customer information, including email addresses. Source: Time Read more about Time Warner Cable says up to 320,000 customers’ data may have been stolen[…]

Drupal – Insecure Update Process, has been known since 2012

Source: IOActive Labs Research: Drupal – Insecure Update Process Issue #1: Whenever the Drupal update process fails, Drupal states that everything is up to date instead of giving a warning. Issue #2: An attacker may force an admin to check for updates due to a CSRF vulnerability on the update functionality Issue #3: Drupal security Read more about Drupal – Insecure Update Process, has been known since 2012[…]

Checkpoint chap’s hack whacks air-gaps flat

The Israel-based duo pried apart and compromised KVMs (keyboard video mouse) units such that they could download malware and compromise attached computers. The attack, demonstrated at the Chaos Communications Congress in Hamburg last month is notable because KVMs are used to control multiple machines. A compromised unit would not be immediately suspicious to most admins Read more about Checkpoint chap’s hack whacks air-gaps flat[…]

CBP wordt Autoriteit Persoonsgegevens

Per 1 januari is de naam van het College bescherming persoonsgegevens (CBP) veranderd in Autoriteit Persoonsgegevens. Voortaan kan de Autoriteit Persoonsgegevens boetes opleggen en zijn organisaties verplicht ernstige datalekken direct te melden aan de toezichthouder. Onvoldoende zorgvuldige omgang met persoonsgegevens levert voortaan dus zowel een boete als reputatieschade op. De maximale boete is 820.000 euro. Read more about CBP wordt Autoriteit Persoonsgegevens[…]

Spying on Congress and Israel: NSA Cheerleaders Discover Value of Privacy Only When Their Own Is Violated

NSA under President Obama targeted Israeli Prime Minister Benjamin Netanyahu and his top aides for surveillance. In the process, the agency ended up eavesdropping on “the contents of some of their private conversations with U.S. lawmakers and American-Jewish groups” about how to sabotage the Iran Deal. All sorts of people who spent many years cheering Read more about Spying on Congress and Israel: NSA Cheerleaders Discover Value of Privacy Only When Their Own Is Violated[…]

Microsoft failed to warn victims of Chinese email hack

Microsoft Corp (MSFT.O) experts concluded several years ago that Chinese authorities had hacked into more than a thousand Hotmail email accounts, targeting international leaders of China’s Tibetan and Uighur minorities in particular – but it decided not to tell the victims, allowing the hackers to continue their campaign, according to former employees of the company. Read more about Microsoft failed to warn victims of Chinese email hack[…]

Axis VIDIUS ™ – The World’s Smallest FPV Drone at $95

The all-new Axis VIDIUS Drone is the World’s Smallest First Person View Drone™, capable of flying up to 100 feet away, performing 360 degree flips and rolls all while streaming and recording live video! You can control the VIDIUS from your Android or Apple device or the included 2.4 gHz controller. The live video feed Read more about Axis VIDIUS ™ – The World’s Smallest FPV Drone at $95[…]