07 Apr 2014

OpenSSL Zero Day Vulnerability ‘Heartbleed’ Impacts Internet Encryption

A new zero day vulnerability (CVE-2014-0160) affecting OpenSSL nicknamed ‘Heartbleed’ was introduced in December 2011 and has been fixed today in OpenSSL 1.0.1g. The vulnerable versions of OpenSSL are 1.0.1 through 1.0.1f with two exceptions: OpenSSL 1.0.0 branch and 0.9.8. Attackers who exploit the vulnerability can monitor all data passed between a service

0
18 Feb 2014

Create iPhone Rootkits Like You’re the NSA

In a recently leaked document it was revealed that the NSA had a project called “Dropout Jeep”. The purpose of the program was to install a rootkit on an iPhone that would allow calls and other information to be intercepted, as well as enable the device as a microphone, track

0
24 Jan 2014

New CryptoLocker Ransomware Variant Spread Through Yahoo Messenger

A new variant of the CryptoLocker malware has been discovered that uses Yahoo Messenger as its delivery mechanism and is targeting Windows systems.  My friends at NSHC in Singapore and Seoul have been battling with the malware that has hit a number of financial institutions throughout Asia Pacific. The variant infects

0
14 Jan 2014

How Target’s Point-of-Sale System May Have Been Hacked

Target has not revealed much regarding how their massive data breach occurred. To date they have disclosed the breach included 40 million credit cards and 70 million personal records. Target has only stated that the point-of-sale systems were compromised by malware.

0
12 Jan 2014

Why the Target Breach Might Be Even Bigger: Big Data Means Big Breach

So, now Target has updated that the scope of the data breach as being much bigger than the original 40 million credit cards and now includes information on more than 70 million customers including address, email, phone numbers.

0