Information Security News
Aussie students expose Snapchat's inner workings
A group of Australian youngsters - all students with no formal education - have reverse engineered the Snapchat service using only its API (application program interface) and readily available InfoSec tools. Calling themselves 'Gibson Security' or ...
by Peter Bright
The National Security Agency's X-KEYSCORE program gives the spy agency access to a wide range of Internet traffic. Any information that isn't encrypted is, naturally, visible to passive Internet wiretaps of the kind the NSA and other intelligence agencies use. This in turn will typically expose such things as e-mails, online chats, and general browsing behavior.
And, according to slides published this weekend by Der Spiegel, this information also includes crash reports from Microsoft's Windows Error Reporting facility built in to Windows.
These reports will tell eavesdroppers what versions of what software someone is running, what operating system they use, and whenever that software has crashed. Windows also sends messages in the clear whenever a USB or PCI device is plugged in as part of its hunt for suitable drivers.
Dell, others named in NSA spying program
SC Magazine Australia
Applebaum told the 30c3 audience that he expects the InfoSec community to now search systems for evidence of the NSA malware in use. “A lot of malware researchers will have a lot to say about this in the future,” he said. Indeed, Applebaum referred to ...
Server vendors named in NSA spying toolkit
That said, the NSA's ANT team claimed to be pursuing a remote installation capability. THE SEARCH FOR MALWARE. Applebaum told the 30c3 audience that he expects the InfoSec community to now search systems for evidence of the NSA malware in use.
Salted Links: 30 December 2013
The final weeks of December, including Christmas and New Year's Eve, are the slowest days of the year for those who work in IT (and InfoSec). Offices are open, but only for a few days. The staffing is low, due to vacations or clipped overhead, and ...
Managing Cyber Security Threats from Inside
Smart Data Collective
Note: The following article is part of a shared content agreement between Online Tech and InfoSec Institute. This post is by Tom Olzak, a security researcher for the InfoSec Institute and an IT professional with over 27 years of experience in programming.