Weekend Update

A quick Saturday digest of cybersecurity news articles from Bruce Schneier.


Why We Can’t Give the Cops Encryption Back Doors

Bruce Schneier explains once again why encryption back doors for cops means back doors for crooks too.  “The Crypto Wars have been waging off-and-on for a quarter-century. On one side is law enforcement, which wants to be able to break encryption, to access devices and communications of terrorists ...

Continue Reading →
0

North Koreans At It Again with ELECTRICFISH

US-CERT and CISA recently released a warning about a new tunneling malware application that the North Korean cyber operations group is using to move information from one computer to another, in order to exfiltrate that data. You can read about it at Malware Analysis Report (AR19-129A) MAR-10135536-21 – North Korean Tunneling Tool: ELECTRICFISH

“This report provides analysis of one malicious 32-bit Windows executable file. The malware implements a custom protocol that allows traffic to be tunneled between ...

Continue Reading →
0

Does Microsoft’s Office365 Cloud Service Have Security Flaws?

Have you recently migrated to Microsoft Office 365 for your company email services?  US-CERT and CISA recently released  Analysis Report (AR19-133A) Microsoft Office 365 Security Observations that described several security flaws or weaknesses inherent in the default deployment of O365.

Here are the findings of that report.  The good news is that these are shortcomings with the default, out-of-box experience.  These issues can be corrected through configuration.  For ...

Continue Reading →
0

Guest Post – The Definitive Guide To VPNs – Part 4

Last week we took a deeper look at VPN services courtesy of a guest post from The Gadget Enthusiast.  This article concludes the series.

VPN and Torrenting

Torrents are just the files that contain the information related to other files and folders that are distributed across the computers. For example, if you want to download a movie using torrent, then a ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Update Your TOR Browser

Update your Firefox to version 66.0.4 and your TOR browser to version 8.0.9 to fix the problem with intermediate certificate verification.


FTC Releases Article on Keeping Children Safe Online

Original release date: April 26, 2019

The Federal Trade Commission (FTC) has released an article with tips for parents to keep their ...

Continue Reading →
0

Fallout, RIDL, ZombieLand, MDSUM and other MDS Vulnerabilities

Last year we covered the SPECTRE and MELTDOWN vulnerabilities that affected Intel processors.  This year security researchers have discovered a new series of vulnerabilities around the Microacrhitecture Data Sampling MDS process.  This vulnerability would allow an attacker to read data as it crossed the L1 and L2 data caches on the processor.   These vulnerabilities can affect cloud computing services, and be leveraged by ...

Continue Reading →
0
Page 3 of 71 12345...»