Tag: software

CES: The Security Questions Nobody Wants You To Ask

A note that CES – the Consumer Electronics Show – is once again upon us. Prepare yourself for three or four days of tipsy reporting from the mainstream media about all the gee whiz gadgets that will soon be yours…or not. Let’s face it: a lot of what’s shown at CES is proof of concept stuff and some of it is just too downright silly to ever catch on. Remember HAPIFork? The “smart” fork that would warn you when you were shoveling grub into your maw too quickly? Right. Product security and data privacy are almost always lost in the excitement over the new gadgets and the TUSs. (Televisions of Unusual Size? I don’t think they exist!) That’s why, over on the Veracode blog, I put together a quick list of impertinent questions that every security-minded CES attendee should have at their fingertips. The questions cover a wide range of […]

Continue Reading

Welcoming A New Sponsor: Duo Security

Those of you who pay close attention to The Security Ledger may have noticed some new artwork gracing our home page in recent days. It is with great pleasure that I note the addition of our newest sponsor: Duo Security Inc., a maker of two-factor authentication technology. I followed Duo from its earliest days, but my interactions with the company picked up after last year’s RSA Conference in San Francisco, when I had the chance to get briefed by CEO Dug Song about the company’s technology and how Duo was leveraging consumer-driven trends like BYOD (bring your own device) to solve vexing enterprise identity and authentication problems. Duo, which is based in Ann Arbor, Michigan, sells a hosted two-factor authentication service that leverages the cloud and mobile devices to provide a secure login experience using something you know (a password) and something you hold (a mobile phone). The Duo platform […]

Continue Reading

Famed Hacker Barnaby Jack Died Of Accidental Overdose

Barnaby Jack, the world-renowned hacker who was found dead in his San Francisco apartment in July died of an accidental overdose of cocaine, heroin and prescription drugs, according to a report released by the San Francisco Medical Examiner’s office.  The news was first reported by the website theverge.com. Jack, a 36-year-old New Zealand resident was found unresponsive in bed, surrounded by bottles of pills, empty bottles of beer and champagne and evidence of “illicit drug use,” the Medical Examiner’s report states. Jack had traces of cocaine, heroin, Xanax, and Benadryl in his system at the time of death. Jack was one of the most gifted security researchers of his generation. The head of embedded device security at the firm IOActive, Jack electrified audiences with his demonstrations of vulnerabilities in devices such as ATMs and implantable insulin pumps. In a now-famous “Jackpotting” demonstration, he demonstrated a remotely exploitable hole affecting bank automated teller machines […]

Continue Reading

US CERT Warns About Point-of-Sale Malware

With news of the breach of big-box retailer Target Inc. still in the headlines, the U.S. Computer Emergency Readiness Team (CERT) issued a warning about the danger posed by malicious software targeting Point of Sale (POS) systems. CERT issued an advisory (TA14-002A) on Thursday asking POS owners to take steps to secure the devices, and telling consumers to beware.  The warning comes after a string of reports that suggest that malware attacking point of sale systems is on the rise. In December, researchers from Arbor Networks said they had detected an “active PoS compromise campaign” to steal credit and debit card data that used the Dexter and Project Hook malware. Dexter is a Windows-based program that was first discovered in December, 2012 by Seculert, an Israeli security firm. It is still not known whether malware played a part in the huge theft of credit card data from Target Inc. That […]

Continue Reading

What Will 2014 Bring For Internet of Things? Some Thoughts.

As we’ve noted before, The Internet of Things is figuring prominently in both year-end round ups and year-end predictions. Many technology pundits saying that the IoT and security issues related to Internet-connected devices will be a major trend to watch this year. Here are some interesting takes on what 2014 holds for The Internet of Things. Better Design (Wired)  While superbly designed products like the NEST Thermostat get much of the attention when folks talk about the potential of The Internet of Things, good design isn’t a prerequisite for making a “smart” device – nor is it even that common in the nascent IoT, as a casual reading of some of our coverage will show you. But good design – or at least better design – that includes robust security will be necessary if the IoT market is to mature. That’s the argument Jermoe Nadel makes in this article on […]

Continue Reading
1 96 97 98 99 100 117