Recent Posts

1
BY: Garry McCracken, VP of Technology Partnerships, WinMagic, August 20, 2018

For many of us, shutting our laptops after a tough day in the office is a satisfying feeling that signals the end of work until tomorrow. But what we don’t realise is that simply shutting the lid and putting the laptop into sleep mode can leave it much more vulnerable to cyber-attacks than we might think.

This is because sleep mode (S3) on most laptops is little more than a low power mode designed to save battery life. As a result, when S3’s engaged, the laptop’s drive and other hardware power off, but its memory remains active, ready to spring back to life as soon as the user opens the lid back up or hits the power button. Convenient? Yes. Secure? No.

In the case of secure laptops running Full Drive Encryption (FDE), this suspended memory includes the DEK (Data Encryption Key) or with Self-Encrypting Drives (SED), the very credentials required to unlock the drive. Keeping sensitive information like this in such an accessible place leaves the whole laptop vulnerable to breach.

full article here: https://www.helpnetsecurity.com/2018/08/20/laptop-sleep-security/
2
BY: Zeljka Zorz, Managing Editor, August 20, 2018

The number one source of TLS/SSL Man in the Middle (MitM) attacks on encrypted mobile traffic is not corporate firewalls or captive portals used by hotels, airports and other organizations offering free Wi-Fi access – it’s spyware.

“A big chunk of that spyware comes from companies that are mining user data, and users are usually not tricked into installing these apps. Unfortunately, users explicitly allow companies to monitor their phone usage for a meager compensation,” notes Doug Dooley, Chief Operating Officer at modern application security company Data Theorem.

This revelation comes from reports collected in the past 12 months via TrustKit, a plug-and-play open source SDK that simplifies the implementation of TLS (SSL) pinning in mobile apps. The SDK ensures that the client checks the server-side certificate against a known copy of that certificate and, thus, spots eavesdropping attacks.

full article here: https://www.helpnetsecurity.com/2018/08/20/eavesdrop-encrypted-mobile-traffic/
3
BY: Zeljka Zorz, Managing Editor, August 20, 2018

The Internet of Things is full of security holes, and the latest one has been pointed out by Avast researcher Martin Hron: unsecured MQTT servers.

What is MQTT?

The Message Queuing Telemetry Transport (MQTT) protocol is a messaging protocol that has been in use for almost two decades, mainly for industrial automation. It is often used to overcome the gap between different protocols, allowing different devices to communicate with each other.

“The protocol is meant as a subscriber/publisher model. It works like an RSS feed: you subscribe to a topic, and once someone publishes something on the topic, the payload is delivered to all subscribers,” Hron explains.

This publish-subscribe messaging pattern requires a message broker.

full article here: https://www.helpnetsecurity.com/2018/08/20/unsecured-mqtt-servers/
4
VoodooShield / Re: VoodooShield v4 STABLE Thread
« Last post by djg05 on Today at 11:17:49 am »
4.54 running fine here.
Still have the issue of VS going to the task bar instead of a window but since I know about it, it is a non event.

Regards

David
5
VoodooShield / Re: VoodooShield v4 STABLE Thread
« Last post by yashkhan on Today at 09:05:03 am »
Think about Leo's false positive VS test... it consisted of one file "Process Hacker" that behaves exactly like malware, regardless of the intent of the file.  It would also help Leo to work with 400 or so local clients on a daily basis and see how well VS does for them... they literally have zero trouble with VS.  Instead, he incorrectly assumes that users will have issues with it... and he bases his opinions on jack squat.
There are no false positives with Application Whitelisting in my opinion. It's simple, whitelisted items are allowed and non-whitelisted items are blocked.

Some users say VoodooAi gives false positives because they don't understand VoodooAi is not a blacklist or malware scan. VoodooAi provides information on programs and VoodooAi verdict/score simplifies the information for average and expert users too.

VoodooAi differentiates VoodooShield from other Application Whitelisting, and makes VoodooShield a lot easier to use compared to other Application Whitelisting software.

VoodooAi verdict/score is very helpful to take an action on alerts. Users should understand VoodooAi verdict is to help them take a decision on alerts and not a detection of any type.

VoodooAi verdict "Suspicious" is not a false positive but information to be careful with the program.

I have tested VoodooShield or VoodooAi a lot and have noticed that it works well on majority or average users' systems. They will hardly see "Unsafe" VoodooAi verdict for their programs. My only concern was "Command Line" alerts for average users but Dan has improved and reduced the command line alerts successfully. I rarely see a command line alert on my system. On my family system, there are few entries in "Command Lines" section and all were automatically allowed.

I have tested VoodooAi a lot. I find "Unsafe" verdict effective. I use "Rules" wizard, uncheck digital signatures and set VoodooAi @90 on my family and few friends' systems so that VoodooShield will alert for only "Unsafe" programs. And pair VoodooShield with mostly Windows Defender on Win 10 systems. No issues or malware yet. Light and effective protection.
Dan has added "Security Posture" in VoodooShield. It made my job easy. "Relaxed" protection in "Security Posture" is the same as the above mentioned protection with "Rules" wizard.

I am not suggesting or recommending a protection. Each user is different. VoodooShield provides innovative security and protection levels or modes. Set it on your family or friends systems and find the balanced or comfortable protection for them.
6
VoodooShield / Re: VoodooShield v4 STABLE Thread
« Last post by VoodooShield on Today at 07:46:19 am »
BTW, it is easy for someone who has never actually built something to criticize because they do not understand the hard work that is involved to build something on their own.

I genuinely feel sorry for these people.

It's cool if you do not want to build something... just do not criticize others when you have no idea what all is involved to build something great.

The people who understand VS understand this as well.
7
VoodooShield / Re: VoodooShield v4 STABLE Thread
« Last post by VoodooShield on Today at 07:40:56 am »
Please read the following entire thread and focus on page 3, mainly starting in the middle on page 3.

https://malwaretips.com/threads/cylance-old-and-new-vs-signature-based-av-in-an-offline-test-with-fresh-malware-and-ransomware.85907/page-3

Ready to spill the beans...

https://www.youtube.com/watch?v=SBjQ9tuuTJQ
8
Security & Technology News / Inside the Democratic war against hacks
« Last post by Antus67 on Today at 04:07:28 am »
BY: Shannon Vavra, Jonathan Swan

Democratic Sen. Jeanne Shaheen's team has sent out three fake spearphishing email campaigns to staffers over the last 18 months to test whether they’d fall for real hacking, her chief of staff, Maura Keefe, tells Axios. The result? Several fell for it.

Why it matters: Every political operation in the country is grappling with the reality that hackers may target them — that is, if they haven’t been infiltrated already.

    The offices of Shaheen and Democratic Sen. Claire McCaskill have both been targeted by phishing emails.
    Russian hackers successfully spearphished the DNC and DCCC in 2016.

full article here: https://www.axios.com/democratic-senate-cybersecurity-foreign-email-hacking-4f9f54a1-16b0-45d8-9038-571d5b3718a4.html
9
By Tim Johnson
McClatchy Washington Bureau (TNS)

LAS VEGAS — It’s easier than ever to get waylaid on the internet, diverted to dangerous territory where scam artists await with traps baited for the unsuspecting user.

It’s all about devious misdirection, fumble-fingered typing and how our brains can confuse what our eyes see. Big money can await the clever scamster, and costs are rising for corporations and politicians who do not take heed.

The problems lie in the inner workings of the internet, and touch on issues like the vast expansion of the combination of words, dots and symbols that comprise internet addresses.

It’s no longer just .com, .net, .org and a handful of others. Now, there are 1,900 new extensions, known as top-level domains, things like .beer, .camera, .city, .dating, .party and .shop.

full article here: https://www.seattletimes.com/nation-world/internet-domain-expansion-has-made-spoofing-easier-than-ever/
10
By Catalin Cimpanu

The number of tracking cookies on EU news sites has gone down by 22% according to a report by the Reuters Institute at the University of Oxford, who looked at cookie usage across EU news sites in two phases, in April 2018 and July 2018, pre and post the introduction of the new EU General Data Protection Regulation (GDPR).

Researchers looked at 200 news sites in total, from seven countries: Finland, France, Germany, Italy, Poland, Spain, and the UK.

After compiling and comparing the two data sets, the report reveals that the biggest drop was recorded in the UK, where news sites are now using 45% fewer tracking cookies than before the GDPR launch.

On the other hand, German news sites exhibited the smallest change with 6% fewer cookies in July than in April, while the number of cookies grew by 20% in Poland, the only country with a positive change.

full article here: https://www.bleepingcomputer.com/news/technology/number-of-third-party-cookies-on-eu-news-sites-dropped-by-22-percent-post-gdpr/