Here's the deal of the day:
You Want a new Parrot AR2 (Normal version, not the Elite... the old link is dead) Drone?
You're unwilling to spend lots of $$$ for it?
Well, here's your chance: Go hunting!
I'm really looking forward to the time Amazon is starting their delivery service - and the corresponding ThreadPost.
As a side node, this will be even more fun if you could time this together...
Read More
Bugs and how they are dealt with
As I wrote in this article, Security Problems have definitely arrived in the car industry.
And I'm very happy to see that, in comparison with other companies, they reacted pretty fast to this security problem.
Very nice to notice, thanks!
I would like to see this more often. No, not the bugs, but the TTF (Time to Fix).
Read More
Features without a clue – why privacy matters
This article is a bit special because it is not directly linked to computer security in a way most people understand it.
Since more and more devices are connected to the internet I feel it's about time to write an article about something most of us use without too much caution.
And writing about a fridge gone berserk is not something I feel most people would listen up....
But now, some gu...
Read More
Hack the hacking Hacker
They know that we know that they know what they shouldn't know.
Basically, Malware is always a threat. There are two types of malware providers: Those who do it for money and those who do it for big money. In between are those, who want to do big money but are afraid to get caught by the police. Solution to this dilemma? Well, sell the software to the police as "security tool" to allow supervis...
Read More
Scareware with addon functionality for the really bad guys
According to Heise Security, MacKeeper (a well known Scareware Product) has a security problem that is being actively exploited by malware.
This signifies in short:
People who think they do something useful when installing MacKeeper end up having an even less secure device.
Well done, MacKeeper.
Read More
LastPass – The passwords will last. The Security didn’t.
In general, password databases are something very useful. How else would we be able to remember all the passwords we have chosen over past. And, in addition, how on earth would we be able to remember that password we only use any other year.
But where to put them? As we all know, (even password protected) Excel Sheets are a no-go. There are a bunch of really cool applications out there like Kee...
Read More
AVAST <=> External Analytics
Nach einem Bericht des Heise Security Newstickers gibt AVAST Nutzungsdaten an die Analysefirma “JunpShot” weiter.
“Dabei übermittelt Avast eigenen Angaben zufolge monatlich 150 Milliarden URLs von besuchten Webseiten an Jumpshot. Aus den Infos konnte Jumpshot etwa schlussfolgern, dass in Kalifornien Selfie Sticks bei Amazon.com besonders beliebt sind. Avast betont aber, dass die Daten anonymisi...
Read More
MAC EFI Bug
Heise Newsticker: Eine EFI-Schwachstelle ermöglicht es einem Angreifer, die Firmware älterer Macs zu manipulieren, wie ein Sicherheitsforscher berichtet – physischer Zugriff sei dafür nicht erforderlich.
Read More
CVE-2015-1188 – Swisscom Centro Grande (ADB) DSL router Vulnerability
Abstract
The certificate verification functions in the HNDS service in Swisscom Centro Grande (ADB) DSL routers with firmware before 6.14.00 allows remote attackers to access the management functions via unknown vectors.
Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1188
Seclists.org Announcement
Link: http://seclists.org/fulldisclosure/2015/Apr/103
Description
----------...
Read More
CVE-2015-3456 – VENOM Vulnerability
CVE-2015-3456 - VENOM
There is a critical Security Advisory concerning a (quite old but newly discovered) Bug in the FDC (Floppy Disk Drive) Virtualization Stack on almost all virtualization platforms except:
Microsoft HyperV
VMWare
The following Hypervisors ARE affected:
Any Version of QEMU
Any Hypervisor requiring LibVirt (KVM, Too)
Any Version of XEN (OpenSource and Commercial...
Read More