Quantcast

Archive: Aug 2012

Apple vs. Google 3: iPad Hack via Cross-Site Scripting

Felix ‘FX’ Lindner talks here about how iPad owners might get their devices exposed to third-party access while using the AppStore client, due to JavaScript implementation drawbacks and cross-site scripting. Now, to the more fun part. What does the AppStore client actually look like? What is it...

Apple vs. Google Client Platforms 2: Apple iPad Security Architecture

Having provided an overview of the iPad and Chromebook in general, Recurity Labs’ FX now focuses in detail on Apple’s approach to security, integrity protection and crypto. Let’s talk about Apple in more detail. So iPad security architecture – nothing new, I guess. It’s a standard XNU (Mach+BSD)...

Apple vs. Google Client Platforms: iPad and Chromebook comparison

Head of Recurity Labs Felix ‘FX’ Lindner presents an in-depth research at Black Hat Europe 2012, dedicated to differences in technical implementation and security architecture of the world’s leading client platforms used on Apple iPad and Google Chromebook devices. Hi, my name is FX, or Felix...

STOPzilla AntiMalware 6.0 review

$19.95 STOPzilla AntiMalware 6.0 features simplicity while applying best practices of antimalware protection. Usability:  Features:  Efficiency:  Support:  Overall:  Download At Florida-based iS3 security solutions provider, they claim their new STOPzilla AntiMalware to be a...

Privacy in the Age of Big Data 2: Is Death of Privacy Real?

Speaking on the way personal user information is handled by large data aggregates such as social networks, Bruce Schneier gets to the point of obscure privacy policies and the issue of restricted customer choices. It’s a common delusion that people don’t care about privacy; that young people don’t...

Bruce Schneier on Privacy in the Age of Big Data

Computer security expert and writer Bruce Schneier analyzes the trends of personal data collection and usage in the increasingly technological society. The topic of this panel is: “What’s going on out there?” I thought I would list what’s going on out there, talking about several...

Shaping Tomorrow’s Security Today 4: Advanced Persistent Protection

Enrique Salem welcomes Marc Benioff, the CEO of salesforce.com, to join the discussion and talk about the new perspective of security in the social, cloud-based and growingly mobile enterprise environment. To protect against advanced persistent threats, we need advanced persistent protection. And advanced...

Shaping Tomorrow’s Security Today 3: “Wired for Security” Model

The ‘wired for security’ approach for adapting to the new IT-saturated world is the subject of Enrique Salem’s scrutiny expressed in this section. If we want real protection, we have to let go of the lockdown mentality, and we have to think about this notion of what we’re calling “wired...

Shaping Tomorrow’s Security Today 2: Joe Sullivan, Chief Security Officer of Facebook

Enrique Salem’s presentation continues with Facebook’s Chief Security Officer Joe Sullivan stepping in to discuss how digital natives are impacting business and analyze problems of the so-called ‘lockdown’ approach to securing the workplace. But now we’re getting to what’s going to be difficult....

Shaping Tomorrow’s Security Today: Digital Native Generation

Ex-CEO of Symantec Enrique Salem explains his viewpoint on the concept of “digital natives” at RSA Conference, and provides his vision of IT security’s future. Thank you and good morning. I have somewhat of a unique vantage point as the CEO of the world’s largest security company. And...

BullGuard Internet Security 2015 review

$59.95 BullGuard Internet Security 2015 combines adequate online protection with remarkable usability and smart features. Usability:  Features:  Efficiency:  Support:  Overall:  Buy Now BullGuard Company’s origin dates back to 2002 when they came up with a simple all-in-one...

How Terrorists Encrypt 7: Peculiarities of Encryption Using Tadpole

Duncan Campbell dedicates the final part largely to Tadpole software which is used by jihadis to encrypt their communication while making terror plots. Operation CLUTCH (2010) The man named Anwar Al-Awlaki, was the head of al-Qaeda in the Arabian Peninsula until his demise. Based in Yemen, he was at the...

Reveton Trojan: fake FBI ransomware assaults US users

The Federal Bureau of Investigation is warning the Internet users of a dangerous and immensely aggressive virus called Reveton which is known to block computers on behalf of the government organizations, attempting to extort money from confused users. Based on the official report, Reveton is a typical...

How Terrorists Encrypt 6: Traces Cleanup with TrueCrypt Software

Duncan Campbell provides details on several more counter-terrorism operations, outlining the use of TrueCrypt software and other conspiracy tricks by jihadis. Operation PATHWAY (2009) This investigation was blown to the entire world by mistake, when Commander Bob Quick, who was then head of British...

How Terrorists Encrypt 5: International Anti-Terror Operations

Duncan Campbell talks about several major anti-terror operations and the way encryption techniques were used by jihadis to organize their attacks. Operation MAZHAR (2005) An international search tracked down an Islamic Internet activist who for 3 years had been tauntingly calling himself on the Internet...

How Terrorists Encrypt 4: “Mujahideen Secrets” Software

The research moves into cryptographic area proper, explaining the principles of jihadis’ encrypting techniques and providing specific terror investigation cases. Now, finally, we have cryptography from jihadis. This is “Asrar al-Mujahideen” (see image) – “The Secrets of...

How Terrorists Encrypt 3: Communication Tools

Duncan Campbell proceeds with the analysis of several more ideological Jihadist documents out there, and gives a brief insight into communication tools applied. Among the “Encyclopedia of Jihad” PDF files being circulated, there was also the “Mujahideen Poisons Handbook” which I...

How Terrorists Encrypt 2: Encyclopedia of Jihad

This part of Duncan Campbell’s talk is dedicated to the detailed review of known jihadist literature which is intended to facilitate terrorists’ activities. After 9/11, U.S. legislators made a final attempt to bring in key escrow and to clamp down on Internet cryptography, but the new cryptography...

How Terrorists Encrypt: Threatscape Overview

British investigative journalist Duncan Campbell speaks at DeepSec Conference about the use of cryptography by terrorists and outlines the related threatscape. Thanks very much and good morning. I’m gonna talk, or try and talk, about what real terrorists do with modern encryption tools in the 21st...

Multi-step iCloud account hack

Online criminals from Clan Vv3 have managed to send Amazon, Apple, Gizmodo, and Wired around the bend all together recently. Twitter and Gmail were negatively involved as well. Most of all, however, suffered the journalist Matt Honen. Not only was his Twitter account hacked, but he also lost control over his...

Searching for Malware 6: Top Search Terms for Spreading Malware

Read previous: Searching for Malware 5: Friends-Followers Delta and Twitter Network Misuse Final part of this Defcon talk exemplifies the issue of top search terms used for spreading malware in the given period, and contains a brief Q&A section. Paul Judge: What we came up with is if you look at the...

Searching for Malware 5: Friends-Followers Delta and Twitter Network Misuse

Read previous: Searching for Malware 4: Exploring Twitter Accounts David Maynor and Paul Judge introduce the concepts of Friends-Followers Delta and the Tweet Number to explain the essence of Twitter network misuse. Paul Judge: We wanted to better understand what are the behaviors and properties of Twitter...

Searching for Malware 4: Exploring Twitter Accounts

Read previous: Searching for Malware 3: Trending Topics Exploiting In this part, David and Paul speak more specifically on Twitter usage patterns they retrieved, and outlined a number of distinct user groups on the network. Paul Judge: We dug into the different networks, and we dug into Twitter – that’s...

Searching for Malware 3: Trending Topics Exploiting

Read previous: Searching for Malware 2: Prevalent Patterns of Malware Distribution Barracuda Labs’ representatives focus here on trending topics exploiting by attackers, and provide preliminary facts about Twitter misuse. Paul Judge: From there, let’s do a transition a little bit over to something more...

Searching for Malware 2: Prevalent Patterns of Malware Distribution

Read previous: Searching for Malware: Essence and Methodology of the Research Moving on with the presentation, David Maynor and Paul Judge analyze prevalent patterns of malware distribution via search results poisoning. Paul Judge: Another question that we looked to answer was whether these were known...