Russia is to crack the Tor anonymity network out of high reward. According to British media reports, offering a reward of 3.9 million Russian rubles (about 680,000 yuan), hoping to find crack Tor anonymity network called the program.
The anonymous network hides the user's location and identity, let them through computers on the network to upload a lot of data, and the program is encrypted. Russia's Interior Ministry made this reward decision and said it was to 'ensure the country's defense and security.' This award rule only applies to the Russian people; the program submission deadline is August 13. Applicants need to pay 19.5 million rubles (about 34,000 yuan), to participate in competitions.
Read moreOffice equipment carries out attacks to an internal network by means of SMB protocol.
Malicious software is set on Chinese scanners for the purpose of information plunder. Several scanners–spies were sold by many companies, including the well known company of equipment production. Some versions of malicious software blocked system work, and abducted data on finance, data on clients, and about deliveries. Stolen information was given to the company producer. Information security specialist considers that the company producer who sold infected scanners could be connected with criminals who made attack to the Google Company, called Aurora.
Read moreA new kind of tracking tool, canvas fingerprinting, is being used to follow visitors to thousands of top websites.
A new, extremely persistent type of online tracking is shadowing visitors to thousands of top websites, from WhiteHouse.gov to YouPorn.com. First documented in a forthcoming paper by researchers at Princeton University and KU Leuven University in Belgium, this type of tracking, called canvas fingerprinting, works by instructing the visitor’s Web browser to draw a hidden image. Because each computer draws the image slightly differently, the images can be used to assign each user’s device a number that uniquely identifies it.
Read moreThe problem of information security is very important in the world where mobile devices are popular. In order to determine the location of a person, an attacker needs only data that is transmitted by the phone.
Electronic Frontier Foundation Corporation has published a report about the presence of vulnerabilities in Android devices. This vulnerability enables an attacker to determine the movement route of the user on the basis of information about Wi-Fi networks connected by the user. The problem is in PNO function (Preferred Network Offload), which was first introduced in Android 3.1 Honeycomb.
Read moreForensic scientist and author Jonathan Zdziarski has demonstrated a number of undocumented high-value forensic services running on every iOS device and suspicious design omissions in iOS that make collection easier.
He also provided examples of forensic artifacts acquired that should never come off the device without user consent. At the Hackers On Planet Earth conference in New York, Zdziarski revealed a slide, called ‘Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices.
Read moreThe found vulnerabilities allow hackers to get into user accounts which are stored in managers. Researchers from the University of California have discovered vulnerabilities in five well-known password managers such as RoboForm, LastPass, My1Login, PasswordBox and NeedMyPassword.
They could take user accounts to any sites. The vulnerabilities were found in many password manager features, including one-time password, bookmarklets and shared password. Logic and authorization mistakes, even irregular web security model could cause vulnerability. Moreover such vulnerabilities as cross-site request forgery, and cross-site scripting were found.
Read moreNSA whistleblower Edward Snowden dropped his two cents on file storage security in an interview with The Guardian on Thursday.
He thinks Dropbox, the cloud storage firm with over 200 million users, is “hostile to privacy,” and urged people to switch to what he calls more-secure storage services like SpiderOak. “Dropbox is a targeted wannabe PRISM partner,” Snowden told The Guardian. “They just put Condoleezza Rice on their board, who is probably the most anti-privacy official you can imagine … So they’re very hostile to privacy.” Snowden said that a company like SpiderOak is better because it offers “zero knowledge,” a term used to describe services that have zero access to the data they are storing on their servers.
Read moreOver six weeks after Google launched their form for Europeans who want to make their Right To Be Forgotten request, Microsoft Bing has launched theirs over here.
The form does differ from Google’s but both Google and Bing, as well as other search engines, have the obligation to follow the mandate and review each request submitted to them. The form gives Microsoft enough details to make a decision on if they will remove content from their search listings or leave it, based on the EU mandate established about two months ago. If you are a European resident and want to request that Microsoft block search results on Bing in response to searches on your name, please use this form.
Read moreGeorge Hotz, best known for hacking Sony's PS3 and the iPhone, has been snapped up for Google's vulnerability research team Project Zero.
Google has hired a prolific hacker by the name of George Hotz to join the Project Zero team. Hotz is well-known for hacking Sony's PlayStation 3 and Apple's iPhone. The 24-year-old — also known as geohot — hacked into the PlayStation 3 in order to install alternate operating system software, with the intention of playing pirated games. Hotz was then subsequently sued by Sony, although the matter was settled outside the courtroom. The hacker is also known for unlocking Apple's iPhone. Now, after a brief stint at Facebook several years ago, Hotz has found a home with Google.
Read moreHackers could inject fake video into popular home surveillance kit Dropcam and use the system to attack networks, researchers Patrick Wardle and Colby Moore say.
The wide-ranging attacks were tempered by the need for attackers to have physical access to the devices but the exploits offer the chance to inject video frames into cameras - handy for home robberies - intercept video, and exploit the Heartbleed vulnerability to pull passwords and SSL server's private key. Dropcam makes a video monitoring platform and was last month snapped up by Google's Nest Labs for $US555 million.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland