iPhone Kill Switch: How Effective Is It?
An interesting article from Darkreading by Eric Zeman titled ” iPhone Kill Switch: How Effective Is It?”
My iPhone 6 Plus was picked from my pocket in Barcelona in March as I walked home from dinner one evening. After speaking to local police for a few moments, I ran back to my hotel to locate the phone through Apple’s Find My iPhone tool. Too late. The thieves had already turned it off.
I always protect my phones, tablets, and computers with a password, so I was not worried about the thieves cracking into my handset and rooting through my personal information. Similarly, I backed the device up regularly, so there was nothing vital on the phone that I didn’t have stored elsewhere.
Last, I took advantage of the remote erase and lock functions so when the thieves turned the phone back on the first thing it would do was delete all my data and then turn into a useless brick.
to read more click here:
Converge 2015 – Hacking To Get Caught – Keynote
Description: Raphael Mudge, the creator of Armitage and Cobalt Strike, will talk about something awesome.
Raphael Mudge is the founder of Strategic Cyber LLC, a Washington, DC based company that creates software for red teams. Raphael’s work Armitage pioneered ideas to allow red teams to collaborate and scale their efforts. He also worked on red team automation through DARPA’s Cyber Fast Track program. Besides Armitage, Raphael is the creator of the threat emulation software Cobalt Strike and the inventor of the grammar checker on WordPress.com. His work has appeared on the cover of the Linux Journal, the Fox sitcom Breaking In, and other publications. Raphael regularly speaks on security topics and provides red team support to many cyber defense exercises.
For More Information Please Visit: – http://www.convergeconference.org/
Bug exposes OpenSSH servers to brute-force password guessing attacks
Bug exposes OpenSSH servers to brute-force password guessing attacks
A bug in OpenSSH, the most popular software for secure remote access to UNIX-based systems, could allow attackers to bypass authentication retry restrictions and execute many password guesses. A security researcher who uses the online alias Kingcope disclosed the issue on his blog last week, but he only requested a public vulnerability ID to be assigned Tuesday. By default, OpenSSH servers allow… READ MORE
Researchers Enlist Machine Learning In Malware Detection
A posting from dark reading by Kelly Jackson Higgins titled “Researchers Enlist Machine Learning In Malware Detection ”
No sandbox required for schooling software to speedily spot malware, researchers will demonstrate at Black Hat USA.
In 100 milliseconds or less, researchers are now able to determine whether a piece of code is malware or not — and without the need to isolate it in a sandbox for analysis.
Welcome to the age of machine learning as a tool for more efficiently detecting malware, via so-called “deep learning” techniques. Researchers have built a special machine learning tool module that employs static analysis of a piece of code to quickly spot — and ultimately, stop — malware infections. A pair of researchers plans to demonstrate live at Black Hat USA next month just how this approach can spot malware from live malware feeds.
Matt Wolff, chief data scientist at Cylance, says his team is applying deep learning–a more granular subset of machine learning–to malware detection by training the software via legitimate files and malicious ones, and teaching the application/algorithm which is which. The application then can take files it’s never seen before and spot malware, he says.
To read more click here:
Windows 10 Will Use Virtualization For Extra Security
An interesting article from informationweek by Kelly Sheridan titled ” Windows 10 Will Use Virtualization For Extra Security”
When we’re talking about Windows 10features, security upgrades are often edged out of the spotlight by flashy additions like Cortana for desktop, Microsoft Edge, and Universal Apps.
Perhaps this is because Microsoft is targeting a broad consumer audience with its new operating system, and many people don’t care quite as much about nitty-gritty security details as they do about the return of the Start menu. Increased security is not an attention-grabber for everyone.
That said, there are still plenty of consumers and enterprise customers who want to know how their devices and data will be protected on Windows 10. We’re living and working in an age of heightened security risk. The question is not whether an attack will happen, but when.
[CIOs Aren’t Getting What They Need From CRM]
“The threats that we’re seeing are dramatically different from what we saw four years ago,” Chris Hallum, senior product manager for Windows business security, said in an interview with InformationWeek. “Organizations are still getting breached, even when they have the very best security solutions.”
Today’s attacks are more aggressive and targeted. Detection-based models for pinpointing malware are no longer enough. Most hackers use one of two avenues in a security breach: identity theft and increasingly advanced malware.
To read more click here:
Ashley Madison Exposed: Affair Hookup Site Hacked, Member Data Posted Online
A posting from Dark Reading by Quick Hits titled ” Ashley Madison Exposed: Affair Hookup Site Hacked, Member Data Posted Online”
Member data pilfered, posted in apparent hacktivist-style doxing attack.
Call it hacktivism with a spin: a controversial website for people seeking others who want to have an affair was hacked and personal details of its members leaked online.
The CEO of Ashley Madison, a controversial website that facilitates adulterous affairs and hookups, confirmed to Krebs On Security that it was hacked and possibly by or with the help of an insider who is not an employee.
The attacker or attackers claiming responsibility call themselves The Impact Team, and said in an online statement that it grabbed data on all of the 37 million users of Ashley Madison and its sister sites Couger Life and Established Men. All three sites are owned by Avid Life Media (ALM).
To read more click here:
