more news below
Follow @zqure
Saturday, August 31, 2013
German Government Warning Not To Use Windows 8
LEAKED: German Government Warns Key Entities Not To Use Windows 8 – Links The NSA | InvestmentWatch: "The backdoor is called “Trusted Computing,” developed and promoted by the Trusted Computing Group, founded a decade ago by the all-American tech companies AMD, Cisco, Hewlett-Packard, IBM, Intel, Microsoft, and Wave Systems. Its core element is a chip, the Trusted Platform Module (TPM), and an operating system designed for it, such as Windows 8. Trusted Computing Group has developed the specifications of how the chip and operating systems work together."
more news below
Follow @zqure
more news below
Follow @zqure
Thursday, August 29, 2013
Open Sourcers, Secure Email
Open Sourcers Pitch Secure Email in Dark Age of PRISM | Wired Enterprise | Wired.com: "...“E-mail is going to be with us for a long time,” says Bjarni RĂșnar Einarsson, a software developer and member of the Icelandic Pirate Party. “We need to do what we can to make it more secure.” Einarsson is doing his part with Mailpile, an open source web-based e-mail client that you can run on your own computer or in the cloud. With this creation, he hopes to make it easier for every day users to encrypt their mail — without giving up the sort of search tools they get from a service like Google’s Gmail. The team has already raised over $100,000 dollars on the crowdfunding site Indie GoGo to fund its future development...."
http://mailpile.is/
http://www.indiegogo.com/projects/mailpile-taking-e-mail-back
https://mykolab.com/
more news below
Follow @zqure
http://mailpile.is/
http://www.indiegogo.com/projects/mailpile-taking-e-mail-back
https://mykolab.com/
more news below
Follow @zqure
Tuesday, August 27, 2013
Encryption, Protecting Privacy
Encryption Works: How to Protect Your Privacy in the Age of NSA Surveillance | Freedom of the Press Foundation: Table of Contents -
Threat Model
Crypto Systems
Software You Can Trust
Anonymize Your Location with Tor
Off-the-Record (OTR) Chat
"Pretty Good Privacy" (PGP) Email Encryption
Tails: The Amnesic Incognito Live System
A Fighting Chance
(read more at links above)
more news below
Follow @zqure
Threat Model
Crypto Systems
Software You Can Trust
Anonymize Your Location with Tor
Off-the-Record (OTR) Chat
"Pretty Good Privacy" (PGP) Email Encryption
Tails: The Amnesic Incognito Live System
A Fighting Chance
(read more at links above)
more news below
Follow @zqure
Saturday, August 24, 2013
BIND Vulnerablilty, DNS Cache Poisoning Attack
BIND Vulnerablilty Enables DNS Cache Poisoning Attack | Threatpost: "A vulnerability in the BIND domain name system (DNS) software could give an attacker the ability to easily and reliably control queried name servers chosen by the most widely deployed DNS software on the Internet, according to new research presented at the Woot Conference in Washington D.C. today. The Internet Systems Consortium has acknowledged the vulnerability."
more news below
Follow @zqure
more news below
Follow @zqure
Thursday, August 22, 2013
10 Security Facts
Good read -- but call them "facts" not "laws" --
10 Immutable Laws of Security: (read full article at the link)
Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
Law #4: If you allow a bad guy to upload programs to your website, it's not your website any more
Law #5: Weak passwords trump strong security
Law #6: A computer is only as secure as the administrator is trustworthy (take notice NSA)
Law #7: Encrypted data is only as secure as the decryption key
Law #8: An out of date virus scanner is only marginally better than no virus scanner at all
Law #9: Absolute anonymity isn't practical, in real life or on the Web
Law #10: Technology is not a panacea
10 Immutable Laws of Security: (read full article at the link)
Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
Law #4: If you allow a bad guy to upload programs to your website, it's not your website any more
Law #5: Weak passwords trump strong security
Law #6: A computer is only as secure as the administrator is trustworthy (take notice NSA)
Law #7: Encrypted data is only as secure as the decryption key
Law #8: An out of date virus scanner is only marginally better than no virus scanner at all
Law #9: Absolute anonymity isn't practical, in real life or on the Web
Law #10: Technology is not a panacea
Tuesday, August 20, 2013
Secure email service? Not if NSA has its way
Silent Circle sees 'writing on the wall,' shuts down secure email service | The Verge: "Phil Zimmerman’s encrypted communications company Silent Circle is shuttering its Silent Mail email service after another secure email service used by NSA leaker Edward Snowden, called Lavabit, closed down earlier today. Silent Circle wrote that it saw "the writing on the wall" after Lavabit owner Ladar Levison explained he was being forced to "become complicit in crimes against the American people or walk away." Silent Circle’s other services, Silent Phone and Silent Text, are completely end-to-end encrypted; only the users hold the keys needed to decrypt the messages, so even if the company were compelled to produce evidence in court, it wouldn’t have access to its customers’ communications in a usable form. But the protocols used for email — SMTP, POP3, and IMAP — can’t be secured, facing the team with a dilemma: continue providing Silent Mail, which offers similar privacy protections as other secure email services, or ditch the service altogether."
more news below
Follow @zqure
more news below
Follow @zqure
Saturday, August 17, 2013
NSA secrets kill Trust
Opinion: NSA secrets kill our trust - CNN.com: "Both government agencies and corporations have cloaked themselves in so much secrecy that it's impossible to verify anything they say; revelation after revelation demonstrates that they've been lying to us regularly and tell the truth only when there's no alternative."
more news below
Follow @zqure
more news below
Follow @zqure
Thursday, August 15, 2013
Anyone could be a NSA Target
Weak or non-existent Congressional oversight, secret "rubber stamp" courts, inept Presidential leadership, all lead to one conclusion -- an out-of-control electronic spy agency could make anyone a "target"--
What It Means to Be An NSA "Target": New Information Shows Why We Need Immediate FISA Amendments Act Reform | Electronic Frontier Foundation: "An important New York Times investigation from today reporting that the NSA "is searching the contents of vast amounts of Americans’ e-mail and text communications into and out of the country," coupled with leaked documents published by the Guardian, seriously calls into question the accuracy of crucial statements made by government officials about NSA surveillance."
more news below
Follow @zqure
What It Means to Be An NSA "Target": New Information Shows Why We Need Immediate FISA Amendments Act Reform | Electronic Frontier Foundation: "An important New York Times investigation from today reporting that the NSA "is searching the contents of vast amounts of Americans’ e-mail and text communications into and out of the country," coupled with leaked documents published by the Guardian, seriously calls into question the accuracy of crucial statements made by government officials about NSA surveillance."
more news below
Follow @zqure
Tuesday, August 13, 2013
Oil and Gas Cyber Security
SMi's 3rd annual Oil and Gas Cyber Security conference, taking place on 25-26 November in London, will feature an array of global project updates from oil and gas companies including Petroleum Development Oman, Shell and GDF Suez, among others.
IT Business Net
Cyber criminals are increasingly sophisticated, highly organised and constantly inventing ways to bypass traditional defences such as anti-virus and firewalls.
Cyber criminals are increasingly sophisticated, highly organised and constantly inventing ways to bypass traditional defences such as anti-virus and firewalls.
Broadway World
EAST BRUNSWICK, NJ and OAKBROOK TERRACE, IL(Marketwired - Aug 5, 2013) - Tetrus Corporation, a leading provider of information sharing, collaboration ...
EAST BRUNSWICK, NJ and OAKBROOK TERRACE, IL(Marketwired - Aug 5, 2013) - Tetrus Corporation, a leading provider of information sharing, collaboration ...
FutureGov Magazine
The two agencies aim at the joint development of a strategic plan for national cyber security (2013-2017). The Minister for ICT, Anudith Nakornthap, said, “Cyber ...
Is cyber insurance AAA for data or another back door? - BetaNews
The two agencies aim at the joint development of a strategic plan for national cyber security (2013-2017). The Minister for ICT, Anudith Nakornthap, said, “Cyber ...
Is cyber insurance AAA for data or another back door? - BetaNews
Robert X. Cringely
Data theft is being viewed as a military problem and the term cyber warfare is ...
Data theft is being viewed as a military problem and the term cyber warfare is ...
BetaNews
Follow @zqure
Saturday, August 10, 2013
Asia's Cyber Security Battleground
Asia's Cyber Security Battleground
Diplomatic Courier (blog)
The Obama Administration has had a rough time dealing with cyber security ... Dr. Schneck's opening remarks included details form the recent cyber-attack on ...
The Obama Administration has had a rough time dealing with cyber security ... Dr. Schneck's opening remarks included details form the recent cyber-attack on ...
Drives & Controls
Rockwell Automation has announced an initiative to help manufacturers to cut risks to their control systems from cyber-security threats. The initiative aims to help ...
Rockwell Automation has announced an initiative to help manufacturers to cut risks to their control systems from cyber-security threats. The initiative aims to help ...
TechWeekEurope UK
At a time of successful and continued growth, Thales Cyber Security are recruiting for talented, passionate IT, Network and Security Architects to join their ...
At a time of successful and continued growth, Thales Cyber Security are recruiting for talented, passionate IT, Network and Security Architects to join their ...
Thursday, August 8, 2013
Latest cyber security technologies
Latest cyber security technologies to be demonstrated to industry ...Military & Aerospace Electronics
Cyber warfare experts at the U.S. Department of Homeland Security (DHS) in Washington are going to Silicon Valley to demonstrate recently developed cyber ...
Military & Aerospace Electronics
more news below
Follow @zqure
Cyber warfare experts at the U.S. Department of Homeland Security (DHS) in Washington are going to Silicon Valley to demonstrate recently developed cyber ...
Military & Aerospace Electronics
more news below
Follow @zqure
Tuesday, August 6, 2013
Tango Hacked -- Is Your Site Next?
WordPress is a very popular platform for blog-style websites, and as such it's a prime target for attack. If your site relies on WordPress, you absolutely must keep the platform up to date, as many of the updates patch serious security vulnerabilities. (source infra)
Syrian Electronic Army Hacked Tango Chat App; Is Your Site Next?: " . . . The biggest entry point for hackers, and the hardest to secure, is attack by social engineering. For example, one employee of The Onion was fooled by a phishing message into entering Google Apps credentials on a bogus site. Those credentials gave hackers access to all of The Onion's social media accounts. They also used the hacked account to broadcast a second phishing attack to more of the staff. You need a multi-layered defense against this kind of attack. Create and enforce a policy that all employees must use strong passwords. Educate them on how to spot fraudulent email messages, and what to do with links in emails (don't click them!). Limit your potential losses by giving each employee access to only those accounts and resources needed for the job. And be prepared for the eventuality that despite all your precautions, some schmo will fall for a phishing message and thereby compromise your site. . . ."
more news below
Follow @zqure
Syrian Electronic Army Hacked Tango Chat App; Is Your Site Next?: " . . . The biggest entry point for hackers, and the hardest to secure, is attack by social engineering. For example, one employee of The Onion was fooled by a phishing message into entering Google Apps credentials on a bogus site. Those credentials gave hackers access to all of The Onion's social media accounts. They also used the hacked account to broadcast a second phishing attack to more of the staff. You need a multi-layered defense against this kind of attack. Create and enforce a policy that all employees must use strong passwords. Educate them on how to spot fraudulent email messages, and what to do with links in emails (don't click them!). Limit your potential losses by giving each employee access to only those accounts and resources needed for the job. And be prepared for the eventuality that despite all your precautions, some schmo will fall for a phishing message and thereby compromise your site. . . ."
more news below
Follow @zqure
Saturday, August 3, 2013
Google Engineer Wins NSA Award but Says NSA Should Be Abolished
"I don’t want to live in a country with an organization like the NSA is right now."
Tikkun Daily Blog » Blog Archive » Google Engineer Wins NSA Award, Then Says NSA Should Be “Abolished”: "In an interview with Andy Cush at Animal, Bonneau went even farther in his critiques of the NSA: I’d rather have it abolished than persist in its current form. I think there’s a question about whether it’s possible to reform the NSA into something that’s more reasonable…But my feeling based on what I’ve read is that I don’t want to live in a country with an organization like the NSA is right now. When Bonneau learned that he has won the award from the NSA, he considered turning it down. However, he ultimately decided upon accepting as a way to potentially bridge academic gaps with the NSA, as a means of opening up at least one avenue into the organization that has been mostly closed."
more news below
Follow @zqure
Tikkun Daily Blog » Blog Archive » Google Engineer Wins NSA Award, Then Says NSA Should Be “Abolished”: "In an interview with Andy Cush at Animal, Bonneau went even farther in his critiques of the NSA: I’d rather have it abolished than persist in its current form. I think there’s a question about whether it’s possible to reform the NSA into something that’s more reasonable…But my feeling based on what I’ve read is that I don’t want to live in a country with an organization like the NSA is right now. When Bonneau learned that he has won the award from the NSA, he considered turning it down. However, he ultimately decided upon accepting as a way to potentially bridge academic gaps with the NSA, as a means of opening up at least one avenue into the organization that has been mostly closed."
more news below
Follow @zqure
Thursday, August 1, 2013
US Marshals Lose Track of Encrypted Radios Worth Millions
The biggest security risks ALWAYS come from inside--
more news below
Follow @zqure
Subscribe to:
Posts (Atom)