Forgot your password?
typodupeerror

+ - Akamai admits its OpenSSL patch was faulty, reissues keys->

Submitted by angry tapir
angry tapir (1463043) writes "Akamai Technologies, whose network handles up to 30 percent of all Internet traffic, has admitted that a researcher found a fault in custom code that the company thought shielded most of its customers from the Heartbleed bug. As a result, Akamai is now reissuing all SSL (Secure Sockets Layer) certificates and security keys used to create encrypted connections between its customer's websites and visitors to those sites."
Link to Original Source

+ - Australia may 'pause' trades to tackle high-frequency trading->

Submitted by angry tapir
angry tapir (1463043) writes "The Australian Securities and Investment Commission (ASIC), a government financial watchdog, is reportedly contemplating the idea of implementing a 500 millisecond delay on trades in an effort to put the brakes on high-frequency trading. ASIC last year knocked back the idea and stated that fears about HFT were overblown. However, in a government inquiry today representatives of the organisation said the idea of a 'pause' is still on the table."
Link to Original Source

+ - Mt. Gox kept exchange open despite knowledge of large-scale theft, filing sugges->

Submitted by angry tapir
angry tapir (1463043) writes "Mt. Gox may have collected a large sum in trading fees in the weeks before its closure, even though it was already aware that a vast number of bitcoins had gone missing, its U.S. bankruptcy filing suggests. A sworn declaration in the filing from Robert Karpeles, Mt. Gox 's CEO, reveals that the Bitcoin exchange knew in early February that its situation was far graver than it had disclosed at the time."
Link to Original Source

+ - Large DDoS attack brings WordPress pingback abuse back into spotlight->

Submitted by angry tapir
angry tapir (1463043) writes "Attackers have abused the WordPress pingback feature, which allows sites to cross-reference blog posts, to launch a large-scale, distributed denial-of-service (DDoS) attack, according to researchers from Web security firm Sucuri. The attack involved over 162,000 legitimate WordPress websites being forced to send hundreds of requests per second to a popular WordPress site, preventing access to it for many hours. The attack exploited an issue with the XML-RPC (XML remote procedure call) implementation in WordPress that's used for features like pingback, trackback, remote access from mobile devices and others, and brought back into the spotlight the denial-of-service risks associated with this functionality that have been known since 2007."
Link to Original Source

+ - Thanks a million, Drupal!->

Submitted by angry tapir
angry tapir (1463043) writes "Drupal, an open source content management system, now powers more than 1 million websites, according to figures released today. As of 15 February, 1,005,489 websites were powered by the CMS, according to the Drupal Association, a non-profit organisation that stewards the project. It's heady stuff for an open source project born out of the desire of its creator, Dries Buytaert, to experiment with Web technologies."
Link to Original Source

+ - Is RSA's Chairman Art Coviello in denial?->

Submitted by angry tapir
angry tapir (1463043) writes "In an interview given to the Australian media at RSA Conference this week, RSA Chairman Art Coviello said "It is against the law for the NSA to spy in the US and if they've done anything illegal, which, again, within US law, people might have commented that they have in the press, but no legal authority seems to be raising that as an issue." It's clear that Coviello has either not kept up with what's been going on, is in denial or deliberately attempting to mislead."
Link to Original Source

+ - ICANN considers using '127.0.53.53' to tackle DNS namespace collisions-> 1

Submitted by angry tapir
angry tapir (1463043) writes "As the number of top-level domains undergoes explosive growth, the Internet Corporation for Assigned Names and Numbers (ICANN) is studying ways to reduce the risk of traffic intended for internal network destinations ending up on the Internet via the Domain Name System. Proposals in a report produced on behalf of ICANN include preventing .mail, .home and .corp ever being Internet TLDs; allowing the forcible de-delegation of some second-level domains in emergencies; and returning 127.0.53.53 as an IP address in the hopes that sysadmins will have a WTF moment and Google it."
Link to Original Source

+ - Hackers circulate thousands of FTP credentials, New York Times among those hit->

Submitted by angry tapir
angry tapir (1463043) writes "Hackers are circulating credentials for thousands of FTP sites and appear to have compromised file transfer servers at The New York Times, UNICEF and other organizations, according to a security expert. The hackers obtained credentials for more than 7000 FTP sites and have been circulating the list in underground forums, said Alex Holden, chief information security officer for Hold Security, a Wisconsin-based company that monitors cyberattacks."
Link to Original Source

+ - Australian police deploy 3D crime scene scanner-> 1

Submitted by angry tapir
angry tapir (1463043) writes "Police in the Australian state of Queensland will employ a handheld laser scanner that can be used to map crime scenes, including in areas where there is no GPS reception. The police will use the Australian developed Zebedee laser scanner: A LiDAR scanner that is mounted on a spring. As a user walks around, the spring moves and the scanner captures the surrounding area. Software processing then uses the data to construct a 3D model. Previously the technology has been used to capture areas of cultural significance, such as the interior of the Leaning Tower of Pisa. As an added bonus, the Zebedee looks ridiculous when in use."
Link to Original Source

+ - Chromebooks getting VMware virtual desktop service->

Submitted by angry tapir
angry tapir (1463043) writes "VMware will offer virtual desktop services for Google's Chromebooks, allowing them to run Windows applications on the pared-down laptops based on the Chrome OS. Organizations could save as much as US$5,000 per computer by using a combination of Chromebooks and VMware managed services, Google has estimated."
Link to Original Source

+ - LinkedIn ditches feature that was a 'dream for attackers'->

Submitted by angry tapir
angry tapir (1463043) writes "LinkedIn is shutting down Intro, its recently launched mobile service for connecting people over email, that raised security concerns. Intro was launched last October and described at the time as a 'dream come true for hackers' The service was made for the iPhone, and was designed to grab LinkedIn profile information and insert it into emails received on phones. The service displayed that information to the recipient from the email's sender if the sender was also on LinkedIn."
Link to Original Source

+ - Oracle broadens legal fight against third-party Solaris support providers-> 1

Submitted by angry tapir
angry tapir (1463043) writes "Oracle is continuing its legal battle against third-party software support providers it alleges are performing such services in a manner that violates its intellectual property. Last week, Oracle sued StratisCom, a Georgia company that offers customers support for Oracle's Solaris OS, claiming it had "misappropriated and distributed copyright, proprietary software code, along with the login credentials necessary to download this code from Oracle's password-protected websites.""
Link to Original Source

+ - Security vendors self-censor Target breach details->

Submitted by angry tapir
angry tapir (1463043) writes "At least three security companies have scrubbed information related to Target from the Web, highlighting the ongoing sensitivity around one of the largest-ever data breaches. How hackers broke into Target and installed malware on point-of-sale terminals that harvested up to 40 million payment card details is extremely sensitive. Now, details that give insight into the attack are being hastily removed or redacted by security companies."
Link to Original Source

+ - Target-related malware was a side job for man living in Russia->

Submitted by angry tapir
angry tapir (1463043) writes "In a surprising TV interview, a 23-year-old living in Russia said he helped code a software program that experts believe was eventually modified to steal tens of millions of payment card details from Target. Rinat Shabayev, who lives in Saratov, Russia, told Lifenews.ru that the program has a defensive purpose of finding software problems but could have been abused by criminals. The news outlet characterized his work on the program as a side job, quoting him as saying, "I am trying to find work. I want to find a normal and stable job and time to start my own business.""
Link to Original Source

Kill Ugly Processor Architectures - Karl Lehenbauer

Working...