Advertisement
News
Subscribe to DFI News
View Sample

SUBSCRIBE TO FREE
DFI News
EMAIL NEWSLETTER

The Defense Advanced Research Projects Agency (DARPA) is looking for new program analysis techniques and tools to enable analysts to identify vulnerabilities in algorithms implemented in software used by the US government, military, and economic entities.

DARPA Seeking Vulnerabilities in Software Algorithms

September 9, 2014 12:58 pm | by Zeljka Zorz, Help Net Security | Comments

The Defense Advanced Research Projects Agency (DARPA) is looking for new program analysis techniques and tools to enable analysts to identify vulnerabilities in algorithms implemented in software used by the US government, military, and economic entities.

TOPICS:

Cyber Forensics Group Reveals Smartphone App Vulnerabilities

September 9, 2014 12:47 pm | by Univ. of New Haven | Comments

Security flaws, breaches of privacy and additional vulnerabilities in chat, dating and other social media apps used by nearly one billion subscribers will be revealed by the University of New Haven's Cyber Forensics Research and Education Group (UNHcFREG).

TOPICS:
To hear the FBI tell it, tracking down the secret server behind the billion-dollar drug market known as the Silk Road was as easy as knocking on a door. But the technical side of the security community, who have long tracked the dark web’s experiments in

Did the FBI Hack the Location of Silk Road's Server?

September 9, 2014 12:19 pm | by Andy Greenberg, Wired | Comments

To hear the FBI tell it, tracking down the secret server behind the billion-dollar drug market known as the Silk Road was as easy as knocking on a door. But the technical side of the security community, who have long tracked the dark web’s experiments in evading law enforcement, don’t buy that simple story.

TOPICS:
Advertisement
As the trial of alleged Silk Road drug market creator Ross Ulbricht approaches, the defense has highlighted the mystery of how law enforcement first located the main Silk Road server in an Icelandic data center, despite the computer being hidden by the fo

FBI Pinpoints Silk Road's Server from Leaky Login Page

September 8, 2014 1:21 pm | by Andy Greenberg, Wired | Comments

As the trial of alleged Silk Road drug market creator Ross Ulbricht approaches, the defense has highlighted the mystery of how law enforcement first located the main Silk Road server in an Icelandic data center, despite the computer being hidden by the formidable anonymity software Tor. Was the FBI tipped off to the server’s location by the NSA, who used a secret and possibly illegal Tor-cracking technique?

TOPICS:
When one Atlanta, Georgia-based Internet provider was served a top-secret data request, there wasn't a federal agent in sight. Why? Because the order was served on a so-called "trusted third-party," which handles the request, served fresh from the secreti

Trusted Third Parties Deliver Data to the NSA

September 8, 2014 1:11 pm | by Zack Whittaker, ZDNet | Comments

When one Atlanta, Georgia-based Internet provider was served a top-secret data request, there wasn't a federal agent in sight. Why? Because the order was served on a so-called "trusted third-party," which handles the request, served fresh from the secretive Washington D.C.-based Foreign Intelligence Surveillance (FISA) Court. 

TOPICS:
The six-year old Conficker worm is still a major presence in the threat landscape, accounting for 38 percent of all detections in the first half of 2014, according to security vendor F-Secure’s latest Threat Report.

Conficker Most Reported Security Threat in 2014

September 8, 2014 12:45 pm | by Phil Muncaster, Infosecurity Magazine | Comments

The six-year old Conficker worm is still a major presence in the threat landscape, accounting for 38 percent of all detections in the first half of 2014, according to security vendor F-Secure’s latest Threat Report.          

TOPICS:
In late May, an international law enforcement effort disrupted the Gameover Zeus (GoZ) botnet, a network of compromised computers used for banking fraud. The crackdown effectively eliminated the threat from Cryptolocker. Yet, ransomware is not dead, two r

Ransomware Going Strong, Despite Takedown of Gameover Zeus

September 8, 2014 12:37 pm | by Robert Lemos, Ars Technica | Comments

In late May, an international law enforcement effort disrupted the Gameover Zeus (GoZ) botnet, a network of compromised computers used for banking fraud. The crackdown effectively eliminated the threat from Cryptolocker. Yet, ransomware is not dead, two recent analyses have found. 

TOPICS:
The Chinese authorities have launched a man-in-the-middle attack campaign against users of the country’s research and education network CERNET who try to search via Google, in a bid to monitor and censor the HTTPS site.

China Launches Man in the Middle Attack against Google

September 5, 2014 1:31 pm | by Phil Muncaster, Infosecurity Magazine | Comments

The Chinese authorities have launched a man-in-the-middle attack campaign against users of the country’s research and education network CERNET who try to search via Google, in a bid to monitor and censor the HTTPS site.         

TOPICS:
Advertisement
Home Depot has not yet confirmed that a slew of fraudulent transactions came from a breach of its systems, yet an increasing body of evidence is mounting that points to a massive compromise linked to the home-supply retail chain.

Home Depot Breach a Near Certainty

September 5, 2014 1:14 pm | by Robert Lemos, Ars Technica | Comments

Home Depot has not yet confirmed that a slew of fraudulent transactions came from a breach of its systems, yet an increasing body of evidence is mounting that points to a massive compromise linked to the home-supply retail chain.     

TOPICS:
Around 350 Android apps that can be downloaded from Google play and Amazon stores fail to properly validate SSL certificates for HTTPS connections, and thus open users to Man-in-the-Middle attacks if they use them on insecure and open networks, a research

Researchers Compile List of Android Apps that Allow MitM Attacks

September 5, 2014 1:06 pm | by Zeljka Zorz, Help Net Security | Comments

Around 350 Android apps that can be downloaded from Google play and Amazon stores fail to properly validate SSL certificates for HTTPS connections, and thus open users to Man-in-the-Middle attacks if they use them on insecure and open networks, a researcher has warned.

TOPICS:
Home improvement retailer Home Depot Inc has been in contact with the U.S. Secret Service about an alleged major breach of customer and credit card data that came to light this week, a law enforcement source has told Reuters.

Secret Service Contacted over Alleged Home Depot Breach

September 4, 2014 12:50 pm | by Reuters | Comments

Home improvement retailer Home Depot Inc has been in contact with the U.S. Secret Service about an alleged major breach of customer and credit card data that came to light this week, a law enforcement source has told Reuters.     

TOPICS:
The underground market for cybercrime products and services in China is booming, with both the number of participants and IM messages sent between those participants doubling last year, according to new research from Trend Micro.

Chinese Cybercrime Soars as Tools are Traded Online

September 4, 2014 12:35 pm | by Phil Muncaster, Infosecurity Magazine | Comments

The underground market for cybercrime products and services in China is booming, with both the number of participants and IM messages sent between those participants doubling last year, according to new research from Trend Micro.     

TOPICS:
A "safe harbor" clause in the 1998 law called the Digital Millennium Copyright Act absolves websites of any legal liability for virtually all content posted on their services. The law, known as the DMCA, requires websites and other Internet service provid

Stolen Photos of Stars Find 'Safe Harbor' Online

September 4, 2014 12:29 pm | by Michael Liedtke, Associated Press | Comments

A "safe harbor" clause in the 1998 law called the Digital Millennium Copyright Act absolves websites of any legal liability for virtually all content posted on their services. The law, known as the DMCA, requires websites and other Internet service providers to remove a piece of content believed to be infringing on a copyright after being notified of a violation by the copyright owner.

TOPICS:
Apple has blamed a "very targeted attack" for the suspected breach of numerous celebrities' iCloud accounts, which resulted in nude photographs and videos being leaked to the 4chan image board. But some security experts have taken issue with Apple's expla

Is Apple iCloud Safe?

September 4, 2014 12:10 pm | by Mathew J. Schwartz, Gov Info Security | Comments

Apple has blamed a "very targeted attack" for the suspected breach of numerous celebrities' iCloud accounts, which resulted in nude photographs and videos being leaked to the 4chan image board. But some security experts have taken issue with Apple's explanation for the attacks. And they contend the company's iCloud service remains vulnerable to similar exploits.

TOPICS:
Device and data security will assume critical significance for companies adopting a bring you own device (BYOD) policy, especially with nearly 50 percent of companies having reported lost mobile handsets in the last year. According to IT services speciali

BYOD Policy Helps Avoid Major Security Breaches

September 3, 2014 11:57 am | by ITC Infotech | Comments

Device and data security will assume critical significance for companies adopting a bring you own device (BYOD) policy, especially with nearly 50 percent of companies having reported lost mobile handsets in the last year. According to IT services specialist ITC Infotech, lack of a stringent BYOD policy can lead to the risk of a major security breach.

TOPICS:

Pages

X
You may login with either your assigned username or your e-mail address.
The password field is case sensitive.
Loading