OpenSSL heartbeat PoC with STARTTLS support.. Also some exploiting tool called openmagic

Startup morphs website code against morphing malware, causing cries of anguish from attackers | VentureBeat | Security | by Barry Levine.

In the latest case, an employee from personal credit ratings firm Korea Credit Bureau KCB has been arrested and accused of stealing the data from customers of three credit card firms while working for them as a temporary consultant.Seoul’s financial regulators on Sunday confirmed the number of affected users as at least 20 million, in Read more about Bank data of 20 million customers leaked in South Korea[…]

Due to a DNS problem with onmicrosoft.com, the glue tying domain names to Microsoft cloud services logins, these services were down. Long live the cloud! http://www.theregister.co.uk/2013/11/14/office_365_cloudy_oopsie/

Bewustwording pakt de belangrijkste schakel in online veiligheid aan: de mens Online gebeurt er veel. Bedrijven stellen steeds vaker web-based systemen ter beschikking aan medewerkers. Zo kunnen ze altijd en overal bij de gegevens en functionaliteiten die ze nodig hebben en vaak zelfs nog méér. Alles SaaS, Cloud en 2.0. Met goede reden; er hoeft Read more about Bewustwording pakt de belangrijkste schakel in online veiligheid aan: de mens[…]

Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing: Encryption No one else can read your instant messages. Authentication You are assured the correspondent is who you think it is. Deniability The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after Read more about Off-the-Record Messaging[…]

Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing: Encryption No one else can read your instant messages. Authentication You are assured the correspondent is who you think it is. Deniability The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after Read more about Off-the-Record Messaging[…]

Wickr is a free app that provides:  ·military-grade encryption of text, picture, audio and video messages ·sender-based control over who can read messages, where and for how long ·best available privacy, anonymity and secure file shredding features ·security that is simple to use https://www.mywickr.com/en/index.php For both iphone and android

The CIA is not in the habit of discussing its clandestine operations, but the agency’s purpose is clear enough. As then-chief James Woolsey said in a 1994 speech to former intelligence operatives: “What we really exist for is stealing secrets.” Indeed, the agency declined to comment for this article, but over the course of more Read more about An insight into CIA burglary[…]

Homomorphic encryption is where one party (Alice) encrypts data and passes it to another (Bob) with an encrypted key. This means that Bob can’t read the data, but can perform computations on it, and pass the encrypted results (which Bob can’t read) to Alice, so that she can decrypt it with her key. This is Read more about A good explanation of homomorphic encryption[…]

The researchers realized that apparently identical graphics processors are actually different in subtle, unforgeable ways. A piece of software developed by the researchers is capable of discerning these fine differences. The order of magnitude of these differences is so minute, in fact, that manufacturing equipment is incapable of manipulating or replicating them. Thus, the fine-grained Read more about Authentication Implications in Uniquely Identifiable Graphics Cards | threatpost[…]

Bojinov and colleagues designed a game lasting 30 to 45 minutes in which players intercept falling objects by pressing a key. The objects appear in one of six positions, each corresponding to a different key. Positions of objects were not always random. a hidden sequence of 30 successive positions was repeated over 100 times. Players Read more about Neuroscience joins cryptography – impant a password into a brain without the person knowing what the password is[…]

Which basically means that anyone with an NFC reader can steal someone else’s bank data and use the information to purchase at online shops that don’t ask for CVC numbers (such as Amazon). Incredible how badly secured this is. Miljoenen NFC-bankpassen lekken data | Webwereld.

It sends your personal information, can be commanded from remote servers and comes packaged with legal software in certain compromised Chinese Android marketplaces… The Official Lookout Blog | Security Alert: Geinimi, Sophisticated New Android Trojan Found in Wild.

So basically the huge investment into backscatter porno scanners was a huge waste of money (as we all knew). The threat was (once again) thwarted through the use of good old fashioned investigative work. Yemen Cargo Bombs Designed to Thwart DHS Detectors – Blog.

He’s also pissed off with all the technology being put into airports and the ignoring of human intelligence. Marijn Ornstein, the manager of security policy at Schiphol airport in Amsterdam, said: “If you look at all the recent terrorist incidents, the bombs were detected because of human intelligence not because of screening … If even Read more about Schiphol Security chief criticises EU approach to air safety[…]

The system is not open enough and basically only offers the illusion of extra security. Don’t do it say the government advisors. Regeringsadviseur hekelt Nederland om vingerafdruk – UPDATE | Webwereld.

BLADE is a new Windows immunization system that prevents surreptitious drive-by download exploits from infecting vulnerable Windows hosts. BLADE is implemented as a series of kernel extensions, which interrupt the covert binary installation phase of current malware drive-by exploits. Ie. it checks if you authorised the download and execution of a file. via BLADE – Read more about BLADE – Block All Drive-by Download Exploits[…]

The AIVD, the Dutch internal security police, have issued a warning that Dutch government and businesses are being spied on at an unprecedented rate, usually by trying to install trojans activated by email attachments. The spies are often foreign governments and China is being fingered specifically as a culprit. AIVD: Nederland steeds vaker digitaal bespioneerd Read more about AIVD: The Netherlands is being spied on by hackers[…]

We now have approximately 4,000 in the Federal Air Marshals Service, yet they have made an average of just 4.2 arrests a year since 2001. This comes out to an average of about one arrest a year per 1,000 employees.Now, let me make that clear. Their thousands of employees are not making one arrest per Read more about Congressman Duncan Blasts “Useless” Air Marshal Service[…]

Don’t know if this will work in Europe, but in the US, a starter gun is considered a weapon. You simply declare you are carrying a weapon at baggage check in, they issue a little label you sign and they stick on the bag, and the bag doesn’t get rifled or checked, because the TSA Read more about Pack a Gun to Protect Valuables from Airline Theft or Loss[…]

It turns out that administering low-intensity shockwaves to the penis can help men with blood flow problems get over their difficulties getting a hard on. Viagra and Cialis help, but they need to keep taking the pills every time. This is a more permanent solution, because the shocks encourage the growth of new blood vessels Read more about Shock Treatment Helps Erectile Dysfunction[…]