Weaknesses have been found in WPA2, a protocol that secures all modern protected Wi-Fi networks. The attack (which has been nicknamed Krack) can allow an attacker to defeat encryption and view traffic which would normally be protected against viewing my an unauthorised user. Official release and full write-up of Krack Attack is here It is… Read More: Vulnerability Found In Common WiFi Encryption (Krack Attack) »
(spoiler, it was a mostly inside job) Click through for the story of how ShapeShift, a leading blockchain asset exchange platform, was betrayed. Not once, not twice, but three times in less than a month. The Shapeshift Hack
Used by both web cartoon makers, and terrible online banking interface creators, Adobe Flash has been the bane of many IT administrators lives for years. Responsible for a never-ending slew of security vulnerabilities, the sooner that Flash is dead, the better. Recently announced by Adobe, updates and patches will no longer be released after 2020.… Read More: Adobe Flash gone by 2020 according to Adobe »
It’s not just traditional computers and servers that are at risk of being hacked, but also other devices too. In this case the FDA has released an advisory regarding vulnerabilities found in Abbotts Cardiac Pacemakers. More information can be found here
If you are one of the many millions of worldwide useds of the popular Windows cleaning software ‘CCleaner’ then you might wish to scan your system for malware. First spotted on September 13, 2017 – the installer for CCleaner v5.33 was modified at source to include and distribute malicious software. There are also reports that… Read More: Popular CCleaner Tool Compromised by Hackers »
A security researcher has found a potential new attack vector using the relatively new Windows 10 feature of WSL (Windows Subsystem for Linux). This technique, dubbed Bashware, has the potential to sidestep many Windows AntiMalware solutions. WSL makes the popular bash shell available for Windows 10 users, and in so doing, enables users to natively… Read More: Windows Subsystem For Linux Considered Potential Security Attack Vector »
We first saw this joke many years ago here at ITSS, but it’s still relevant today. If any of you are software developers – there are lessons to be learned here…
Another annotated example of how to spot a phishing email.
Are you using HOLA for VPN? We don’t think its safe, and neither do these guys: http://adios-hola.org/
Here at ITSS we try to take security seriously. We’ve noticed that a lot of the new smartphones are coming with fingerprint readers, and that many users are choosing to ‘lock’ their phones (and other devices), with their fingerprint(s). This is not a good idea. Consider a good password: It’s secure (of a suitable length,… Read More: Fingerprints are not passwords. »