
Former Apple Security Engineer To Apple: ‘Fix Your Sh-t’

If it wasn’t yet clear to Apple that its ‘gotofail’ security flaw has the undivided attention of the information security industry, one of its own recently departed star engineers just spelled out the severity of that bug in highly profane terms. “WHAT THE EVER LOVING FK, APPLE??!?!!” wrote former Apple security researcher Kristin Paget in [...]

Semantic Analysis of Native Programs, introducing CodeReason

Introduction Have you ever wanted to make a query into a native mode program asking about program locations that write a specific value to a register? Have you ever wanted to automatically deobfuscate obfuscated strings? Reverse engineering a native program involves understanding its semantics at a low level until a high level picture of functionality […]

Apple’s ‘Gotofail’ Security Mess Extends To Mail, Twitter, iMessage, Facetime And More

First, Apple revealed a critical bug in its implementation of  encryption in iOS, requiring an emergency patch. Then researchers found the same bug is also included in Apple’s desktop OSX operating system, a gaping Web security hole that leaves users of Safari at risk of having their traffic hijacked. Now one researcher has found evidence [...]

Stop Using Safari And Update iOS To Avoid Apple’s Critical ‘Gotofail’ Security Bug

On Friday, issued one major fix. Unfortunately, that’s one fix fewer than it needs to solve a major flaw in how its software protects users’ Internet connections. Researchers at the security firm Crowdstrike and elsewhere who reverse engineered Apple’s security update say that it reveals a security flaw not only in Apple’s iOS mobile operating [...]

WhatsApp Comes Under New Scrutiny For Privacy Policy, Encryption Gaffs

no doubt did its due diligence before acquiring messaging app firm WhatsApp for more than the gross domestic product of Iceland. But now that the deal’s been announced, the privacy community is subjecting the company to its own form of scrutiny, and finding a lot not to like. On Thursday, researcher Paul Jauregui of the [...]

How The Syrian Electronic Army Hacked Us: A Detailed Timeline

Early Thursday morning, a Forbes senior executive was woken up by a call from her assistant, saying that she’d be working from home due to a forecast predicting the snowiest day of the year. When she ended the call, the executive saw on her Blackberry that she had just received a bluntly worded email that [...]

iPhone App Invites Friends And Strangers To Eavesdrop Your Conversations And Offer Advice

For anyone who’s ever texted friends for advice while a date’s in the bathroom or worse, livetweeted a romantic encounter, there’s finally an app that takes that sort of real-time electronic oversharing to its logical conclusion. Late last week–just in time for Valentine’s Day–artist and software developer Lauren McCarthy launched Crowdpilot, an iOS app designed [...]

Credit Suisse, BAE Systems and a workshop on Cognitive Biases

The new Suits and Spooks website now features an in-depth look at highlights of our upcoming event at Fort Mason in San Francisco including: an early look at the agenda our speakers and topics plus a game-themed workshop on how to identify...

Ohio Bank Erroneously Files Many of Its Depositors for Bankruptcy

Israel sees credit card meltdown as California healthcare worker applicants wait for licenses

U.S. Gives Cybersecurity Advice to Critical Infrastructure Operators—But No Rules

Plus: Industrial control systems remain unguarded, and automakers won’t discuss onboard computer vulnerabilities

Hacked by the Syrian Electronic Army

Endgame wants to rewrite its reputation as a cyberwar arms dealer--without apologies.

Silk Road 2.0 ‘Hacked’ Using Bitcoin Bug, All Its Funds Stolen

The same bug that has plagued several of the biggest players in the Bitcoin economy may have just bitten the Silk Road. On Thursday, one of the recently-reincarnated drug-selling black market site’s administrators posted a long announcement to the Silk Road 2.0 forums admitting that the site had been hacked by one of its sellers, [...]

Toyota Recalls 1.9 Million Prius Hybrids Over Software Flaw

More than half of all Prius hybrids ever sold are affected by a software glitch that can cause overheating in its electronics

Five Men Arrested In Dutch Crackdown On Silk Road Copycat

The Silk Road anonymous black market for drugs thrived for two and a half years before it was taken down by the FBI and its alleged creator arrested in October. Its most recent copycat had a much shorter lifespan online: Nine days. Prosecutors in the Netherlands have announced the arrest of five men in association [...]

Inside Endgame: A Second Act For The Blackwater Of Hacking

Endgame wants to rewrite its reputation as a cyberwar arms dealer--without apologies.

Network Security Podcast, Episode 329

Hooray! The first podcast of the year where all three of us are actually on (and we ran slightly longer). BSidesSF and RSA are rapidly approaching, so Martin, Rich, and Zach are preparing in various capacities — from talk preparation, to scheduling meetings, to preparing their livers (namely because that’s about the only way to […]

The Way-Back Machine on APT: A Who or a What?

Kaspersky's latest report about The Mask reminded me that Mandiant never did issue a statement re-defining APT as a what and not a who as Richard Bejtlich and I and some other Mandiant executives discussed by phone on February 21, 2013.

The Day We Fight Back

I’m of mixed feelings about The Day We Fight Back. I think it’s a necessary movement, I think our governments have lost their way and are becoming more fascist every day. I believe we need to rein in what our law enforcement agencies can and should do. But I have no illusions that a banner […]

Instagram Bug Would Have Let Hackers Peek At Private Photos For At Least Last Six Months

If at any point before last Tuesday you suddenly found your private Instagram pics embarrassingly exposed to public perusal, Christian Lopez might be able to offer an explanation. In August of last year, Lopez discovered a bug in Facebook’s popular photo-sharing app that would have let hackers invisibly switch a user’s Instagram privacy settings from [...]

Copyright © 2011 Regator, LLC