Jenna McLaughlin at The Intercept writes that Apple CEO Tim Cook “lashed out at the high-level delegation of Obama administration officials who came calling on tech leaders in San Jose last week.”
The World Wide Web Consortium, which makes the standards the Web runs on, continues to pursue work on DRM -- technology that you can't connect to without explicit permission, and whose bugs can't be reported without legal jeopardy lest you weaken it. Read the rest
Because a PIN-pad is so constrained and predictable, the accelerometer in your smartwatch is able to guess with a high degree of confidence (73%) what you enter into it -- it can also serve as a general-purpose keylogger, though with less accuracy (59%), thanks to the complexity of the keyboard. Read the rest
The company makes ignition interlock breathalyzers that are mandated by courts as a condition of driving after DUI convictions. Read the rest
In the month since network security giant Juniper Networks was forced to admit that its products had NSA-linked backdoors, the company's tried a lot of different strategies: minimizing assurances, apologies, firmware updates -- everything, that is, except for removing th Dual_EC random number generator that is widely understood to have been compromised by the NSA. Read the rest
Remember the Hong Kong-based crapgadgeteer Vtech, who breached 6.3 million kids' data from a database whose security was jaw-droppingly poor (no salted hashes, no code-injection countermeasures, no SSL), who then lied and stalled after they were outed? They want to make home security devices that will know everything you say and do in your house. Read the rest
It's been a month since Juniper admitted that its firewalls had back-doors in them, possibly inserted by (or to aid) US intelligence agencies. In the month since, Juniper has failed to comprehensively seal those doors, and more suspicious information has come to light. Read the rest
In Shopshifting: The potential for payment system abuse, Karsten Nohl and Fabian Bräunlein showed attendees at Hamburg's Chaos Communications Congress just how poor the security in payment terminals is, and demonstrated several attacks that would let them harvest card numbers and PINs, make undetectable phantom charges and refunds to merchant accounts, and commit other mischief. Read the rest
Bruce Schneier explains the short, terrible history of the Internet of Things, in which companies were lured to create proprietary lock-ins for their products because the DMCA, a stupid 1998 copyright law, gave them the power to sue anyone who made a product that connected to theirs without permission. Read the rest
Last week, security researcher Chris Vickery discovered a database containing 3.3 million accounts from Sanriotown, a commercial Hello Kitty fansite operated by Sanrio, Hello Kitty's corporate owners. Read the rest
The Interapp from Tel Aviv's Rayzone Group is an intrusion appliance that uses a cache of zero-day exploits against common mobile phone OSes and is marketed as having the capability to infect and take over any nearby phone whose wifi is turned on. Read the rest
Juniper Networks makes a popular line of enterprise firewalls whose operating system is called Screen OS. The company raised alarm bells with a late-day-on-a-Friday advisory announcing that they'd discovered "unauthorized code" in some versions of Screen OS, a strange occurrence that hinted at a security agency or criminal enterprise had managed to tamper with the product before it shipped. Read the rest
The Fireeye "threat prevention device" is designed to scan all the emails, attachments, and other files coming in and out of your network, but a bug in the device allowed hackers to embed malware in an email that would take over the device -- and your whole network -- when the device checked it for viruses. Read the rest
Some Safeway customers in California and Colorado who used debit/credit cards have had their card numbers and PINs slurped up by criminals who then took the cards out for spending sprees. Read the rest
A man in the Washington, DC area caught some housecleaners he'd hired through Handy.com photographing documents and rifling through his papers, presumably to commit identity theft.
Or, who knows, maybe they were also document archivists and wanted to be very very certain that along with the rest of the house, these papers were very very clean.
Practice the digital dark arts for the good guys, and make more than an honest living as a White Hat Hacker. Information Security and related I.T. career fields can pay upwards of six figures within the first few years of employment, and this bundle will teach you the techniques to get you there. Learn to think like a hacker in order to stop attacks before they hit--saving the day one penetration test at a time.
With this bundle, you can master penetration testing in 7 courses (60+ hrs) that dig into Hacking Node.js Apps, Windows OS, Wi-Fi devices, and more.
How this “pay what you want” deal works: Simply beat the average price to unlock over 60+ hours of content in the White Hat Hacker Bundle.
Here's everything included in the bundle:1
The Complete Hacking Course: Go from Beginner to Advanced!
2Learn Wi-Fi Hacking/Penetration Testing From Scratch$199 Value 3Windows Exploit Development Megaprimer$99 Value 4Intensive Ethical Hacking Series$69 Value 5Ultimate Wi-Fi Hacking & Security Series$69 Value 6Node.js Security: Pentesting & Exploitation$65 Value 7Cross Site Scripting (XSS) Attacks for Pentesters$65 Value