Information Security News
by beats by dr dre colors
Overlooked in last week's revelation that the National Security Agency is harvesting hundreds of millions of e-mail address books around the world was this surprising factoid: Apple makes this mass collection easier because the Address Book app that by default manages Mac contacts doesn't use HTTPS encryption when syncing with Gmail accounts.
As a result, addresses that automatically travel between Macs and Google servers are sent as plain text, independent privacy researcher Ashkan Soltani wrote in The Washington Post last Monday. He provided the above screenshot demonstrating that Address Book contents appear in the clear to anyone who has the ability to monitor traffic over a Wi-Fi network or other connection. His observation came 15 months after another Mac user also warned that the Mac app offered no way to enable HTTPS when syncing e-mail address lists with Gmail.
"It appears that it's an Apple issue," Soltani told Ars, referring to the inability to enable HTTPS when Apple's Address Book is updated to a user's Gmail account. "Their other products support Gmail over via HTTPS, so I suspect it would be a three-line fix in the contacts to alleviate this problem."
by Beats By Dr Dre
by pandora dog charms
A consumer VPN service called CryptoSeal Privacy has shut down rather than risk government intrusions that could cost the company money in legal fees and threaten user privacy.
With immediate effect as of this notice, CryptoSeal Privacy, our consumer VPN service, is terminated. All cryptographic keys used in the operation of the service have been zerofilled, and while no logs were produced (by design) during operation of the service, all records created incidental to the operation of the service have been deleted to the best of our ability.
Essentially, the service was created and operated under a certain understanding of current US law, and that understanding may not currently be valid. As we are a US company and comply fully with US law, but wish to protect the privacy of our users, it is impossible for us to continue offering the CryptoSeal Privacy consumer VPN product.
VPN services let consumers gain extra privacy and security while using the Internet. A user establishes an encrypted connection with a VPN service, routing all Internet traffic to the VPN before sending it on to the rest of the Internet.
An identity theft service that prosecutors say illegally sold social security numbers, birth dates, driver license numbers, and other sensitive data for more than 500,000 people purchased much of the information from credit service Experian, according to a report published Sunday night.
The revelation, reported by KrebsOnSecurity journalist Brian Krebs, is striking because Experian is one of the three major credit services. Experian also sells its own line of services for preventing identity theft. That means the company was in a position to profit not only from the data it reportedly sold to underground service Superget.info but also from the demand the underground site created for Experian's credit-monitoring and other identity theft protection services. Sunday's report comes four weeks after Krebs reported that members of a different identity theft ring hacked into LexisNexis and two other data brokers and obtained personal information belonging to at least one million people.
Interestingly, Krebs reports that the alleged proprietor of Superget.info paid Experian for his monthly data access using wire transfers sent from Singapore. Experian, which by law is required to restrict access to private investigators and other users for "permissible purposes," should have regarded the unusual payment arrangement as a red flag that the account was being used for fraudulent purposes, according to critics. Superget.info gained access to Experian's databases by posing as US-based private investigators even though the people who ran the service were located overseas.
by Canada Goose Jacket
by pandora jewelry
by pandora charms
by beats by dr dre on sale
by louis vuitton outlet san marcos
by pandora bracelet
Lay Your Chips Down: An Infosec Venture Capital Roundup
A group of investors led by venture capital firm Split Rock Partners has provided $15 million in new funding to Vormetric, the San Jose-based firm that specializes in security and encryption services for virtual, cloud-based and physical environments.
SANS Institute to host Virtual Careers Fair for InfoSec professionals across ...
The SANS Institute will be running a Virtual Careers Fair over 29th & 30th of November aimed at connecting organisations and recruiters from across the UK to a vast pool of fully validated InfoSec professionals. The online event includes full access to ...
by Barbour Jackets
by louis vuitton factory outlet
InfoSec Mag: Next-gen firewalls play by new rules
SYS-CON Media (press release)
SYS-CON MEDIA Authors: Cloud Ventures, Nina Moon, Tim Crawford, RealWire News Distribution, Kevin Jackson. Blog Feed Post. InfoSec Mag: Next-gen firewalls play by new rules. By David Strom. Article Rating: Select rating, Give it 1/5, Give it 2/5, Give ...