Dear etechnews today,
Your weekly security newsletter from theregister.co.uk
for the week ending 26th May 2014
*** Security News ***
128-bit crypto scheme allegedly cracked in two hours
Boffins splat 'supersingular curve' crypto
http://www.theregister.co.uk/2014/05/26/boffins_splat_supersingular_curve_crypto/
New XSS vuln hits eBay as rubbish passw0rds persist
Tat bazaars own password rules don't apply when users pick new sekrit
w0rdz
http://www.theregister.co.uk/2014/05/26/hacked_ebay_says_dont_use_password1_but_accepts_it_anyway/
Congress divorces NIST and NSA
Spooks lose their role in developing encryption standards
http://www.theregister.co.uk/2014/05/26/congress_divorces_nist_from_nsa/
Kiwis unplug supercomputer after intrusion
34 Tflops in hackers' hands
http://www.theregister.co.uk/2014/05/26/kiwis_unplug_niwa_super_after_intrusion_spotted/
Apple blasts 22 WebKit bugs with Safari update
Browser gets new patches for vulnerabilities
http://www.theregister.co.uk/2014/05/23/apple_blasts_22_webkit_bugs_with_safari_update/
Look, pal, it's YOUR password so it's YOUR fault that it's gone AWOL
Security begins at home... and ends up in someone else's
http://www.theregister.co.uk/2014/05/23/look_pal_its_your_password_so_its_your_fault_we_lost_it/
eBay faces MULTIPLE PROBES into mega-breach
US attorneys-general and UK ICO probing circumstances around massive
security breach
http://www.theregister.co.uk/2014/05/23/ebay_security_breach_investigations/
Redmond promises IE8 patch is in the pipeline
Bug not so bad, Microsoft says, but if you won't upgrade we'll get
around to it eventually
http://www.theregister.co.uk/2014/05/23/redmond_reversal_sees_ie8_patch_in_the_pipeline/
Privacy International probes GCHQ's mouse fetish
Asks Dell, Apple et al why Grauniad's Snowden-sodden peripherals
deserved drilling
http://www.theregister.co.uk/2014/05/23/grauniad_peripherals_trashed_in_gchq_snowden_raid/
Beijing to Washington: Ratted-out routers not welcome here
China announces vendor 'vetting' plan to keep out snoopware-infested
kit
http://www.theregister.co.uk/2014/05/23/beijing_to_washington_rattedout_routers_not_welcome_here/
Shockwave shocker: Plugin includes un-patched version of Flash
Year-old bugs patched in Flash remain present in Shockwave
http://www.theregister.co.uk/2014/05/23/shockwave_shocker_movie_box_riddled_with_0day_archive_of_antiquity/
Better safe than sorry: SourceForge pushes password reset
Site asks users to change up logins in security shakeup
http://www.theregister.co.uk/2014/05/22/better_safe_than_sorry_sourceforge_pushes_password_reset/
eBay says database leak dump offers are fake
Crooks being unscrupulous - who'd have thought it?
http://www.theregister.co.uk/2014/05/22/ebay_db_dump_looks_fake/
EBAY... You keep using that word 'ENCRYPTION' – it does not mean what
you think it means
Hash tag FAIL: Online tat biz makes a hash of hashing
http://www.theregister.co.uk/2014/05/22/ebay_password_encryption/
eBay slammed for daft post-hack password swap advice
'bestjetpilot' NOT good option, no matter what it tells you
http://www.theregister.co.uk/2014/05/22/ebay_dodgy_password_change_advice/
Facebook wants to LISTEN IN on the songs and vids playing in YOUR
living room
Pass the mic to Zuck... tap, tap... *cough*
http://www.theregister.co.uk/2014/05/22/facebook_wants_to_listen_in_to_songs_and_vids_playing_in_your_living_room/
Silent Circle raises $30m to make more anti-snoop smartphones
Privacy comms firm says money will meet Blackphone demand and fund
growth
http://www.theregister.co.uk/2014/05/22/silent_circle_30m_funding_round/
CERN and MIT chaps' secure webmail stalled by stampede of users
Proton Mail encrypts text in the browser and doesn't collect metadata
http://www.theregister.co.uk/2014/05/22/proton_mails_cryptoformugs_stalled_by_success/
'Anons' cuffed by Australian Federal Police
Two arrested for attacks on Indonesian and Australian websites
http://www.theregister.co.uk/2014/05/22/anons_cuffed_by_australian_federal_police/
Cisco slurps security scanner
ThreatGRID to be assimilated into The Borg
http://www.theregister.co.uk/2014/05/22/cisco_slurps_security_scanner/
Redmond slow to fix IE 8 zero day, says 'harden up' while U wait
Phishers get fresh code execution bait
http://www.theregister.co.uk/2014/05/22/ie_8_zero_day_dumped_after_7_months_redmond_says_harden_up/
Malware-as-a-service picks Android apart
Dev offers crimeware roadmap to subscription customers
http://www.theregister.co.uk/2014/05/22/five_thousand_dollar_droid_malware_records_phone_calls_taps_mics/
Hackers lay claim to exploit that defeats iPhone anti-theft tools
Dutch duo say they have thwarted remote locking mechanisms
http://www.theregister.co.uk/2014/05/22/hackers_lay_claim_to_exploit_defeating_iphone_antitheft_tools/
PayPal Manager bug left web stores open to cyber-burglars
At least payment giant changed the locks within a day
http://www.theregister.co.uk/2014/05/21/paypal_account_hijack_vuln_patched/
EBay, you keep using the word 'SECURITY'. I do not think it means what
you think it means
Change your passwords – tat bazaar ransacked by hackers
http://www.theregister.co.uk/2014/05/21/ebay_breach/
Watch this! The changing face of malware
QA training sessions recorded for you
http://www.theregister.co.uk/2014/05/21/the_changing_face_of_malware_video_training/
350 DBAs stare blankly when reminded super-users can pinch data
A password is for life, not just for Christmas
http://www.theregister.co.uk/2014/05/21/got_privileged_users_three_hundred_and_fifty_dbas_just_stare_blankly/
Wacky 'baccy making a hash of FBI infosec recruitment efforts
Feds ponder lower inhalation thresholds for candidate
http://www.theregister.co.uk/2014/05/21/stoners_hold_back_infosec_recruiting_fbi/
Chrome 35 made deaf to old speech API bug
23 flaws fixed in new version of Chocolate Factory's browser
http://www.theregister.co.uk/2014/05/21/patch_or_cop_chrome_security_shiner/
Schneider Electric asks users to patch Heartbleed again
We'd have gotten away with it if it weren't for those meddling kids and
their plug-ins
http://www.theregister.co.uk/2014/05/21/schneider_to_users_patch_heartbeed/
US giant NBC 'leaks' PRIVATE Amazon keys in Github Glenn gaffe
Media goliath accidentally gave me its websites' AWS tokens, says UK
CEO
http://www.theregister.co.uk/2014/05/20/github_oversharing_snafu_nbc_private_keys/
AVG on Heartbleed: It's dangerous to go alone. Take this (an AVG tool)
Thousands of websites still spilling their crypto blood on carpets
everywhere
http://www.theregister.co.uk/2014/05/20/heartbleed_still_prevalent/
Creepy Facebook urges users to pester friends about their SEX LIVES
Stalking-as-a-service: What the Zuck?
http://www.theregister.co.uk/2014/05/20/facebook_relationship/
Silverlight finally becomes popular ... with crims
Angler exploit kit targets Redmond's unloved rich web application kit
http://www.theregister.co.uk/2014/05/20/silverlight_attacks_spike_as_ekers_shift_java_cross_hairs/
Yahoo! Saves! Trolls! From! Session! Jacking! Holes!
Cross site scripting SNAFU infected myriad Purple Palace comment pages
http://www.theregister.co.uk/2014/05/20/yahoo_saves_trolls_from_session_jacking_bugs/
IM services start to block unencrypted chats
XMPP upgrade is rolling out now
http://www.theregister.co.uk/2014/05/20/im_upgrade_locks_out_lazy_eavesdroppers/
Samsung mobes to get an eyeful of your EYE in biometric security bid
Iris scanners could come standard on future phones
http://www.theregister.co.uk/2014/05/19/samsung_iris_scanners/
US authorities name five Chinese military hackers wanted for espionage
31 charges brought against alleged PLA hacking team
http://www.theregister.co.uk/2014/05/19/us_authorities_name_five_chinese_military_hackers_wanted_for_espionage/
Chip and SKIM: How dodgy crypto can leave shoppers open to fraud
Cambridge uni gurus to present debit, credit PIN card findings today in
San Jose
http://www.theregister.co.uk/2014/05/19/chip_and_skim/
LifeLock snaps shut Wallet mobile app over credit card leak fears
Wipes servers clean of user data after PCI DSS issues
http://www.theregister.co.uk/2014/05/19/lifelock_yanks_mobile_app/
Cops crimp global perve-cam attacks
BlackShades-wielding script kids cuffed on three continents
http://www.theregister.co.uk/2014/05/19/cops_crimp_global_pervecam_attacks/
*** Whitepaper ***
Survival guide for data in the wild
With step-by-step instructions, this Survival Guide is your most valuable tool for keeping corporate assets out of harm's way.
http://whitepapers.theregister.co.uk/d/cdd/9e7f3/73b/83a4c7ca?td=week_sec_e
------------------------------------------------------------------------
This email was sent to garn14.tech@blogger.com
To change your email or your email subscriptions
http://account.theregister.co.uk/login/
To unsubscribe from all The Register newsletters
http://account.theregister.co.uk/unsubscribe/649203/acc978a1
The Register and its contents are Copyright © 2014 Situation Publishing.
All rights reserved.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.