security

  • Sysdig Now Detects Shellshock Intrusions For Fun And Profit

    Sysdig Now Detects Shellshock Intrusions For Fun And Profit

    The folks at Sysdig have your back, sysadmins. The founder, Loris Degioanni, has posted an update to his open source system monitor that can look for Shellshock attacks in real time. Because the HTTP requests used by Shellshock exploits are quite unique, the monitor can watch for attacks on the bash shell automatically and let you know when hackers are trying to get in. From… Read More

  • Let’s Fix The Internet

    Let’s Fix The Internet

    I hate to be the one to tell you this, but: we, the people of the Internet, have collectively run up a colossal amount of technical debt. Much of our online infrastructure consists of band-aid and/or legacy Rube Goldberg solutions hacked together with bubble gum and baling wire; and the only way to pay back technical debt is to fix it. The good news is, we’re finally doing just that. Read More

  • CloudFlare’s New Keyless SSL Could Unlock Cloud For Financial Institutions

    CloudFlare’s New Keyless SSL Could Unlock Cloud For Financial Institutions

    Financial institutions crave cloud scalability, but have been reluctant to jump on the cloud bandwagon because of security concerns. In particular, they have been hesitant to expose their precious SSL keys to the open internet. The key identifies them as a financial institution and lets the other party know they can accept or send funds. As you can imagine, they don’t ever want… Read More

  • Apple’s Tim Cook Does Some Security Straight Talking

    Apple’s Tim Cook Does Some Security Straight Talking

    Today, Apple’s Tim Cook posted a letter announcing a new security page on the company’s website, publishing some fairly plain-language security talk. There’s some solid language here that is clearly designed to allay fears about the way that Apple protects user data in the wake of the celebrity nude hacking incidents. Cook’s words: We believe in telling you up… Read More

  • 1Password’s iOS 8 Update Goes Freemium, Brings Touch ID To Some Apps

    1Password’s iOS 8 Update Goes Freemium, Brings Touch ID To Some Apps

    1Password, the app that keeps your accounts secure by generating long, complex passwords and letting you access them by a single password of your choice, arrives on iOS 8 today and brings with it extensions in certain apps (including Safari) and a new, low starting price: free. Read More

  • Wikileaks Releases German Spyware That Governments Used To Hack Journalists And Dissidents

    Wikileaks Releases German Spyware That Governments Used To Hack Journalists And Dissidents

    As part of its ongoing Spyfiles series of posts, Wikileaks has released the back and front-end systems used by multiple governments to spy on journalists, dissidents, and others. The files appear to be weaponized Windows malware although the software, called FinFisher, also works on OS X. From the post: FinFisher (formerly part of the UK based Gamma Group International until late 2013) is… Read More

  • Apple Will Add Extra Security Measures To iCloud, Says Tim Cook

    Apple Will Add Extra Security Measures To iCloud, Says Tim Cook

    Apple has added extra security measures to iCloud, including alerts if someone tries to change your account password, download iCloud files to a new device, or a log a new device onto an account. Users can then change their passwords immediately or notify Apple security. The alerts will start in two weeks, CEO Tim Cook told the Wall Street Journal. In addition, Apple will also increase its use… Read More

  • Apple Should Be More Transparent About Security

    Apple Should Be More Transparent About Security

    It seems that Apple has gotten embroiled in a security scandal of one sort or another every few months. It dodged Heartbleed but was hit by the very embarrassing ‘goto fail’ bug. It was called out for not adequately documenting the uses of diagnostic tools that could have been used to collect data from user devices. Late last year researchers showed off a method for… Read More

  • Home Depot Investigating Potentially Massive Credit Card Breach

    Home Depot Investigating Potentially Massive Credit Card Breach

    Did you just get your credit card replaced after the Great Target Fiasco of 2013? Don’t get too used to that new card. It’s starting to look like it’s that time again. Home Depot has confirmed that it’s investigating some “unusual activity” with regards to its customer data, and the consistently spot-on Brian Krebs is saying that it’s a credit card breach. Read More

  • Zimperium Updates Its Security Suite To Protect Employees’ iOS Devices From Cyberattacks

    Zimperium Updates Its Security Suite To Protect Employees’ iOS Devices From Cyberattacks

    Zimperium, a mobile security company, provides a way to test if a public network has any vulnerabilities. Now, the company has updated its Mobile Threat Defense Suite to 2.0, bringing a new app to iOS devices — zIPS. Read More