Security News

Wondermark on Security

Bruce Shneier's Blog - Fri, 10/20/2017 - 14:46
Another comic.... Bruce Schneier
Categories: Security News

Denuvo DRM Cracked within a Day of Release

Bruce Shneier's Blog - Fri, 10/20/2017 - 09:17
Denuvo is probably the best digital-rights management system, used to protect computer games. It's regularly cracked within a day. If Denuvo can no longer provide even a single full day of protection from cracks, though, that protection is going to look a lot less valuable to publishers. But that doesn't mean Denuvo will stay effectively useless forever. The company has... Bruce Schneier
Categories: Security News

Leaked: Facebook security boss says its corporate network is run "like a college campus"

zdnet 0 day - Thu, 10/19/2017 - 15:00
The source of the recording said Facebook's senior management and executives were apathetic to matters of cybersecurity. Alex Stamos said he used one of the remarks "as a figure of speech."
Categories: Security News

Security Flaws in Children's Smart Watches

Bruce Shneier's Blog - Thu, 10/19/2017 - 09:18
The Norwegian Consumer Council has published a report detailing a series of security and privacy flaws in smart watches marketed to children. Press release. News article. This is the same group that found all those security and privacy vulnerabilities in smart dolls. EDITED TO ADD (10/21): Slashdot thread.... Bruce Schneier
Categories: Security News

Malicious Minecraft apps in Google Play enslave your device to a botnet

zdnet 0 day - Thu, 10/19/2017 - 02:26
Malicious Minecraft skin downloads can harness your device for DDoS attacks.
Categories: Security News

NSA won't say if it knew about KRACK, but don't look to this leaked doc for answers

zdnet 0 day - Wed, 10/18/2017 - 16:54
Given how the NSA has tried to hack anything it can, many looked to one top secret leaked document for answers.
Categories: Security News

IoT Cybersecurity: What's Plan B?

Bruce Shneier's Blog - Wed, 10/18/2017 - 09:58
In August, four US Senators introduced a bill designed to improve Internet of Things (IoT) security. The IoT Cybersecurity Improvement Act of 2017 is a modest piece of legislation. It doesn't regulate the IoT market. It doesn't single out any industries for particular attention, or force any companies to do anything. It doesn't even modify the liability laws for embedded... Bruce Schneier
Categories: Security News

Oracle swats 252 bugs in patch update

zdnet 0 day - Wed, 10/18/2017 - 05:29
Hundreds of different products are affected by a range of vulnerabilities tackled in the update.
Categories: Security News

ATM malware available online for only $5,000

zdnet 0 day - Wed, 10/18/2017 - 04:00
Malware which forces ATMs to hemorrhage cash has been discovered for sale on the Dark Web at an unfortunately accessible price.
Categories: Security News

Here's every patch for KRACK Wi-Fi vulnerability available right now

zdnet 0 day - Tue, 10/17/2017 - 11:30
Vendors are reacting swiftly to a vulnerability that lets attackers eavesdrop on your network traffic.
Categories: Security News

Chinese backdoor malware resurfaces after more than a decade

zdnet 0 day - Tue, 10/17/2017 - 11:00
The malware affects Windows 7 and up to Windows 8.1, the researchers confirmed.
Categories: Security News

Security Flaw in Infineon Smart Cards and TPMs

Bruce Shneier's Blog - Tue, 10/17/2017 - 09:24
A security flaw in Infineon smart cards and TPMs allows an attacker to recover private keys from the public keys. Basically, the key generation algorithm sometimes creates public keys that are vulnerable to Coppersmith's attack: While all keys generated with the library are much weaker than they should be, it's not currently practical to factorize all of them. For example,... Bruce Schneier
Categories: Security News

As devastating as KRACK: New vulnerability undermines RSA encryption keys

zdnet 0 day - Tue, 10/17/2017 - 03:57
A new security flaw has placed the security of RSA encryption in jeopardy.
Categories: Security News

KRACK mass Wi-Fi attack: Who is to blame?

zdnet 0 day - Tue, 10/17/2017 - 02:09
A cryptography expert weighs in on how the bug managed to lurk in WPA2 without detection.
Categories: Security News

Adobe patches zero-day vulnerability used to plant gov't spying software

zdnet 0 day - Tue, 10/17/2017 - 01:22
KRACK is not the only security flaw you should be concerned about.
Categories: Security News