Ingo Krienen
  Date: 20.09.2017 | Time: 10:58:35 | Calendar week: 38
 

CounterMeasures – A Security Blog

Trend Micro’s Rik Ferguson blogs about current security issues.
Last updated: 20.09.2017 05:35
  • vTech – ignorance is no defence (and neither are weasel words)
    This morning, Troy Hunt published a blog post alerting to a recent change in the Terms & Conditions published by children’s toy manufacturer vTech. The changes are truly astonishing, take a look at the Limitation of Liabilities clause for yourself. You may remember that vTech were breached in November last year losing the personally identifiable […]
  • The Death of InfoSec
    Security should be built-in, not bolt-on. Security should never be an afterthought. Secure by design, secure by default these and more have become mantra, at least in information security circles. It is clear that technology, infrastructure and services initially designed for ease-of-use, maximum compatibility or openness will appear to be constrained by the security […]
  • TalkTalk – The case for a Chief Security Officer
    While the importance of the Chief Information Security Officer has been in constant growth over the past few years, organisations that employ a CISO/CSO are still far too few. As the latest breach at broadband provider TalkTalk descends slowly into farce, the perils of relying on the CEO to fill these shoes become apparent. […]
  • The Security of the Small Business
    In the United Kingdom, as in many other economies around the world, smaller businesses are the lifeblood of national prosperity. In essence SMEs *are* the private sector, according to the Department for Business, Innovation & Skills, they employ more people (60% in the UK in 2014) and generate almost half the total turnover of the […]
  • TV5 Monde, Russia and the CyberCaliphate
    Yesterday evening French magazine L’Express published a report linking an attack against TV5 Monde very firmly to the Russian state. The attack, which knocked 11 of its global channels off air for a period of time and resulted in a compromised website and Facebook page, took place back in April. At the time when the […]
  • Where’s Wally? Tracking the president with GPS
    Is the security of wearable technology really a big deal? Is the security of IoT devices really such a big deal? I mean, my fridge, my light bulb, my other cliché, what use are they to an attacker? Who really cares where I am, how fast my heart is beating or what my typical pace […]
  • What you really accept when you use How-Old.net
    Microsoft had an apparently unexpected hit on their hands with the unveiling of the “How Old Do I Look?” service at the Microsoft Build conference last week. By the weekend my Facebook feed was filling up with friends from all over the globe sharing the results of their own submissions to the service. For the […]
  • Superfish (and chips) or Super Phish?
    UPDATE: The private key and associated password which enable 3rd party (i.e. attacker) MITM attacks have successfully been extracted. This means that an attacker on the same network as a compromised machine will be able to intercept any supposedly SSL encrypted traffic. UPDATE 2: Trend Micro detects the associated files as ADW_LOADSHOP and ADW_SUPERFISH. Compromised machines where […]
  • Naked celebrities revealed by “iCloud hack”
    We awoke this morning to the entirely unnecessary sight of the personal photos of several celebrities, the pictures range from the fully clothed “mirror selfie” to the far more explicit. Victims include Jennifer Lawrence, Ariana Grande, Kate Upton and Victoria Justice. For obvious reasons, clicking on links to “naked celebrity” photos, or opening email attachments would […]
  • Compromised Facebook accounts create scam events
    Compromised Facebook accounts are being used in new ways to make sure that Spam reaches its intended audience. As I was sitting working away at my computer, an event notification popped up on my screen that confused me. This notification confused me for a number of reasons, firstly I was pretty sure I hadn’t accepted […]
 
Copyright © 2000 - 2017. All rights reserved.
Certified in accordance with DIN EN ISO/IEC 17024