Google has made a subtle, but important, shift in the requirements for Android handset makers, saying now that OEMs manufacturing phones that will run Lollipop do not have to enable disk encryption by default. This is a major change from the company’s stated position from just a few months ago, but it may not have[…]
Latest posts
Domain Shadowing Latest Angler Exploit Kit Evasion Technique
Categories: Hacks, Malware, Web Security
The Angler Exploit Kit has begun using domain shadowing as a technique to avoid detection and blocking, researchers at Cisco Talos said.
New POS Malware Uses Mailslots to Avoid Detection
Categories: Malware
A new type of POS malware, LogPOS, is using technology that evades detection by letting the malware inject code while it shuttles stolen credit card numbers to its C+C server.
New FREAK Attack Threatens Many SSL Clients
Categories: Cryptography, Government, Hacks, Vulnerabilities, Web Security
For the nth time in the last couple of years, security experts are warning about a new Internet-scale vulnerability, this time in some popular SSL clients. The flaw allows an attacker to force clients to downgrade to weakened ciphers and break their supposedly encrypted communications through a man-in-the-middle attack. Researchers recently discovered that some SSL[…]
Government Report Critical of FAA Security Controls
Categories: Critical Infrastructure, Government, Vulnerabilities
A GAO report takes the Federal Aviation Administration to the woodshed over its sub-par information security controls and policies.
