Information Security News
Wisegate Announces Key Results of First Security Benchmark Survey ...
4-traders (press release)
It includes a range of topics from company security posture to current security policies and procedures, InfoSec involvement in IT operations and CISO career challenges. "By publishing the results of the first IT Security survey developed by senior ...
Ars expressed surprise on Monday that a hacker was able to bypass fingerprint protection less than 48 hours after its debut in Apple's newest iPhone, but not everyone felt the same. The hack, carried out by well-known German hacker Starbug, required too much expertise and pricey equipment to make it practical, according to critics.
Marc Rogers, a security expert at smartphone security firm Lookout, was among the skeptics. After independently devising his own bypass of Apple's Touch ID, he concluded it was anything but easy. "Hacking Touch ID relies upon a combination of skills, existing academic research, and the patience of a Crime Scene Technician," he wrote. Rogers went on to say no one would know just how feasible Starbug's hack was until he released a step-by-step video and we learned more technical details.
We now have both. Heise Online has posted the video here, and it was enough to satisfy Rob Graham, a security expert who donated $500 to the first person to hack Touch ID. Ars has also heard directly from Starbug, who, like us and several security experts, was surprised how little time and effort his bypass required.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Study highlights the ups and downs of infosec management
September 24, 2013 — A new study from Harris Interactive, sponsored by identity and access management firm Courion, offers some interesting insight into the risk profile of more than 2,000 adults. The study was commissioned by Courion to focus on ...
More than two years after unknown hackers gained unfettered access over multiple computers used to maintain and distribute the Linux operating system, officials still haven't released a promised autopsy about what happened.
The compromise, which began no later than August 12, 2011, wasn't detected for at least 16 days, a public e-mail and interviews immediately following the intrusion revealed. During that time, attackers were able to monitor the activities of anyone using the kernel.org servers known as Hera and Odin1, as well as personal computers belonging to senior Linux developer H. Peter Anvin. The self-injecting rootkit known as Phalanx had access to a wealth of sensitive data, possibly including private keys used to sign and decrypt e-mails and remotely log in to servers. A follow-up advisory a few weeks later opened the possibility that still other developers may have fallen prey to the attackers.
For three weeks in September and early October, officials kept kernel.org closed so the servers that run it could be rebuilt. When the site reopened on October 4, a message on the front page prominently warned of the breach and noted the steps taken to rebuild the site. "Thanks to all for your patience and understanding during our outage and please bear with us as we bring up the different kernel.org systems over the next few weeks," the message concluded. "We will be writing up a report on the incident in the future."
Pitfalls of Professionalizing InfoSec
Professionalizing occupations within the cybersecurity field won't necessarily help fill vacant IT security jobs in government and industry, says Diana Burley, an IT security workforce expert. Take, for instance, a cybersecurity occupation that ...
Posted by InfoSec News on Sep 24 http://www.techweb.com.cn/internet/2013-09-23/1327057.shtml
Posted by InfoSec News on Sep 24 http://www.zdnet.com/charlatan-hijacks-iphone-5s-fingerprint-hack-contest-fools-press-7000020978/
Posted by InfoSec News on Sep 24 http://www.csoonline.com/article/740164/why-the-state-of-application-security-is-not-so-healthy