Uncategorized

Shodan search engine is only the latest reminder of why we need to fix Internet of Things security. Shodan, a search engine for the Internet of Things (IoT), recently launched a new section that lets users easily browse vulnerable webcams. The feed includes images of marijuana plantations, back rooms of banks, children, kitchens, living rooms, garages, […]

Hackathon prize money keeps rising each year as organizations learn to take advantage of their value. Runner-up cash prizes are now in the thousands, and grand-prize payouts are as high as $1 million. There is now a compelling argument for ambitious programmers to live off hackathons: They can forget the long-term slog of building a startup

Fortinet warns customers to remove undocumented authentication feature ASAP. A recently identified backdoor in hardware sold by security company Fortinet has been found in several new products, many that were running current software, the company warned this week. The undocumented account with a hard-coded password came to light last week when attack code exploiting the backdoor

Senate Intelligence Committee Members Ask White House For Official Apology From CIA For Hacking Senate Computers from the CIA:-it’s-time-to-let-unacknowledged-wrongdoing-remain-unacknowledged dept Ron Wyden, Martin Heinrich and Mazie Hirono — all members of Senate Intelligence Committee — have sent a letter to the President demanding an official apology from CIA head John Brennan for the agency’s surveillance

Should be a good conference at RSA if the medium is the message (NOT) Scores of security bods registering for security outfit RSA’s Executive Security Action Forum (ESAF) have handed over their Twitter account passwords to the company’s website in what is seen something between bad practise and outright compromise. The registration process for the

Sayonara, “password,” and fare thee well, “123456”: Google’s testing a new way of logging in with mobile phones instead of flimsy (though depressingly, persistently popular) passwords. Google last month confirmed to Android Police that it’s testing the feature with a small number of users on both Android and iOS mobile operating systems. The publication quoted

Hackers associated with the Anonymous collective have knocked offline almost 300 Thai court and government websites in retaliation for the death sentences handed down to two Myanmar men for murdering two British tourists on Koh Tao. In a Facebook post to a non-official Anonymous page, the hackers, believed to be the same Myanmar group that

When you pay for security software, you probably hope it’s protecting you — not creating a massive security breach in and of itself. But if you ran Trend Micro’s password manager, enabled by default for all Trend Micro users, any site on the web could have executed any app on your computer just by including

Someone’s palm is digging a hole into their face at Cisco, which has just admitted it shipped a bunch of servers with the wrong default password. “A number of C-Series servers have shipped to customers with a non-standard default password which prevents access to the Cisco Integrated Management Controller (CIMC) unless the configured password is

The explosion of the Internet of Things (IoT), as seen at CES 2016 in Las Vegas last week, and its implications on the cloud and cybersecurity. The damage, the damnation, the truculent total churl of the CES 2016 was this: all of the new Internet of Thingies/IoT/KewlGear has no cohesive security strategy. It’s a mosh pit of