New malware turns your computer into a cellular antenna

A group of Israeli researchers have improved on a way to steal data from air-gapped computers, thought to be safer from attack due to their isolation from the Internet.They’ve figured out how to turn the computer into a cellular transmitter, leaking bits of data that can be picked up by a nearby low-end mobile phone.While other research has shown it possible to steal data this way, some of those methods required some hardware modifications to the computer. This attack uses ordinary computer hardware to send out the cellular signals.Their research, which will be featured next week at the 24th USENIX Security Symposium in Washington, D.C., is the first to show it’s possible to steal data using just specialized malware on the computer and the mobile phone.To read this article in full or to leave a comment, please click here

Design flaw in Intel processors opens door to rootkits, researcher says

A design flaw in the x86 processor architecture dating back almost two decades could allow attackers to install a rootkit in the low-level firmware of computers, a security researcher said Thursday. Such malware could be undetectable by security products.The vulnerability stems from a feature first added to the x86 architecture in 1997. It was disclosed Thursday at the Black Hat security conference by Christopher Domas, a security researcher with the Battelle Memorial Institute.By leveraging the flaw, attackers could install a rootkit in the processors System Management Mode (SMM), a protected region of code that underpins all the firmware security features in modern computers.To read this article in full or to leave a comment, please click here

Microsoft, Salesforce.com join $5.3 billion Informatica buyout

Data-integration giant Informatica has made itself a private company in a $5.3 billion deal that includes investments from Microsoft and Salesforce.com.The deal, said to be the biggest leveraged buyout this year, means Informatica’s stock ceased trading on the Nasdaq on Thursday. In exchange, Informatica stockholders are getting $48.75 per share in cash.It’s part of a trend in which companies have been taking themselves private to make themselves more competitive. Dell, Tibco Software, Riverbed and Compuware have all made similar moves.To read this article in full or to leave a comment, please click here

Carly Fiorina calls on Apple, Google to provide greater access for FBI

Republican presidential candidate and former tech-executive Carly Fiorina has called on Apple and Google to provide greater access to information about their users to the FBI and law enforcement in order to aid investigations.Speaking Thursday in a televised debate in Cleveland organized by Fox News Channel, the former CEO of Hewlett-Packard said restrictions that prevent private companies and law enforcement from working together need to be changed.“I certainly support that we need to tear down cyber walls, not on a mass basis but on a targeted basis,” she said in response to a question from a moderator.“I do not believe that we need to wholesale destroy every American citizen’s privacy in order to go after those that we know are suspect or already a problem, but yes, there is more collaboration required between private sector companies and the public sector and specifically we know that we could have detected and repelled some of these cyber attacks if that collaboration had been permitted,” she said.To read this article in full or to leave a comment, please click here

OSX, Outlook 2011 and Evernote

If you are using Outlook and Evernote on the Mac, check out the article below. It outlines an AppleScript that allows the user to press Command+E to add an email, or selected portion of an email to Evernote.

As I implemented this, I did run into a couple of caveats. My suggestion is to make sure to read the comments in the script and to relaunch Outlook between changes. Thanks to Justin Lancy for a great tip.

I’d love to hear from you, so share your thoughts by commenting below.

Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This may or may does not reflect the position of past, present or future employers.

No related content found.

The post OSX, Outlook 2011 and Evernote appeared first on PacketU.

IPv4 Address Exhaustion in APNIC

It has been over 4 years since APNIC, the Regional Internet Registry for the Asia Pacific Region handed out its last “general use” allocation of IPv4 addresses. Since April 2011 APNIC has been restricted to handing out addresses from a “last chance” address pool, and has limited the amount of addresses allocated to each applicant. In this article I’d like to review where APNIC is up to with its remaining pools of IPv4 addresses.

Web Real Time Communication (WebRTC) applications emerge as the tech stabilizes

Perhaps the single-most significant standards based technological advancement in the field of unified communications over the past year has been the completion of Web Real Time Communication (WebRTC) standard and the appearance of several WebRTC based implementations.

WebRTC 1.0 APIs are defined by the World Wide Web Consortium (W3C) and the IETF (Internet Engineering Taskforce) RTCWeb Working Group, and they make it possible for Web browsers to support voice calling, video chat, and peer-to-peer connections.

There has been considerable stabilization of the WebRTC browser implementation over the past year or so, enabling much more robust WebRTC apps to be developed. On the other hand, there still remains considerable and substantial work to be done on the IETF protocols for WebRTC.  

To read this article in full or to leave a comment, please click here

Tesla patches Model S after researchers hack car’s software

Tesla has issued a security update to its Model S car after security researchers discovered six flaws that allowed them to control its entertainment software and hijack the vehicle.With access to the entertainment software, Kevin Mahaffey, CTO of security startup Lookout, and Marc Rogers, a security researcher at CloudFlare, turned off the engine while a person was driving, changed the speed and map information displayed on the touchscreen, opened and closed the trunk and controlled the radio.The pair, who will discuss their findings Friday at the DEF CON hacking conference in Las Vegas, also uploaded a remote access application that allowed them to lock and unlock the car using an iPhone.To read this article in full or to leave a comment, please click here

Tesla patches Model S after researchers hack car’s software

Tesla has issued a security update to its Model S car after security researchers discovered six flaws that allowed them to control its entertainment software and hijack the vehicle.With access to the entertainment software, Kevin Mahaffey, CTO of security startup Lookout, and Marc Rogers, a security researcher at CloudFlare, turned off the engine while a person was driving, changed the speed and map information displayed on the touchscreen, opened and closed the trunk and controlled the radio.The pair, who will discuss their findings Friday at the DEF CON hacking conference in Las Vegas, also uploaded a remote access application that allowed them to lock and unlock the car using an iPhone.To read this article in full or to leave a comment, please click here

FCC rejects proposal favoring small carriers in spectrum auction

Small mobile carriers lost a battle Thursday when the U.S. Federal Communications Commission declined to make it easier for them to get access to a reserved slice of spectrum during a 2016 auction of television spectrum.The FCC, in a 3-2 vote, approved a wide-ranging set of rules for the upcoming incentive auction in which U.S. TV stations have the option of giving up their current spectrum and moving to other channels or stop broadcasting over the air in exchange for a piece of the auction proceeds. The world’s first, two-way spectrum auction, with TV stations selling spectrum and mobile carriers buying, will begin March 29, 2016, the FCC announced.To read this article in full or to leave a comment, please click here

Prominent healthcare CIO: FDA medical device security warning “will be the first of many”

Dr. John Halamka has taken to his "Life as a Healthcare CIO" blog to sound the alarm on medical device threats in the wake of the FDA late last week issuing its first cybersecurity warning about a specific medical device.The Food and Drug Administration urged healthcare facilities to stop using Hospira's Symbiq Infusion System, a common device for dispensing fluids/drugs to patients that the manufacturer says is being removed from the market. The warning spells out that the devices could be accessed via a hospital network and rejiggered to mess up a patient's dosage. The FDA said it's not aware of any hacking incidents involving the pumps, whose vulnerability was initially warned of on the US-CERT site in June and then the Industrial Control Systems CERT site in mid-July.To read this article in full or to leave a comment, please click here

Consumers still don’t get two-factor authentication

LAS VEGAS – Telesign, a mobile identity solutions provider, continued to educate the public about its free “Turn It On” Campaign – a step-by-step instructional guide to two-factor authentication (2FA) on some of the most visited websites – at this year’s Black Hat security conference.  Co-founder Ryan Disraeli says that based on Telesign’s “Consumer Account Security Report,” it’s clear consumers want more security but don’t know much – if anything – about 2FA.The report, a study of the changing attitudes and behavior of consumers around their online security, found that “80 percent of consumers worry about online security and 45 percent are extremely or very concerned about their accounts being hacked.”To read this article in full or to leave a comment, please click here

Attackers could take over Android devices by exploiting built-in remote support apps

Many smart phone manufacturers preload remote support tools on their Android devices in an insecure way, providing a method for hackers to take control of the devices through rogue apps or even SMS messages.The vulnerability was discovered by researchers from security firm Check Point Software Technologies, who presented it Thursday at the Black Hat security conference in Las Vegas. According to them, it affects hundreds of millions of Android devices from many manufacturers including Samsung Electronics, LG Electronics, HTC, Huawei Technologies and ZTE.Most of the flagship phones from different vendors come preloaded with remote support tools, Check Point researchers Ohad Bobrov and Avi Bashan said. In some cases they are installed by the manufacturers themselves, while in other cases by mobile carriers, they said.To read this article in full or to leave a comment, please click here

Has Epson killed the printer ink cartridge?

The answer is yes, at least based on this headline the other day in The Wall Street Journal: Review: Epson Kills the Printer Ink Cartridge.However, reading the analysis underneath the headline reveals a much more complicated picture: Epson has a new printer line that can store so much ink that you can practically forget about the need to ever refill it again.From the review written by Wilson Rothman: Epson, the maker of my nightmare printer, has finally put an end to the horror of ink cartridges, at least for people willing to throw cash at the problem up front. The five new EcoTank series printers look like normal models, only they have containers on their sides that hold gobs and gobs of ink. How much? Years’ worth. Enough that your children—or at least mine—could go on a two-hour coloring-page-printing bender and you wouldn’t even notice.To read this article in full or to leave a comment, please click here

1 3,137 3,138 3,139 3,140 3,141 3,611