Some software companies invite security researchers to look for weaknesses in their software and then pay they for finding those. That is called a Bounty Bug program. Microsoft is one company that does that. Google has a bounty program for Android. Apple is late to the game, only launching its progr
Last week we wrote about a massive DDoS attack on DYN.com that cut off access to Netflix, Amazon, and many other sites for users in large parts of the USA. Now we know that this was caused by IoT devices. IoT (The Internet of Things) is a technology that is rolling out quickly. What this does is co
Someone, no one is quite sure who, yet, has managed to take Twitter, SoundCloud, Spotify, Shopify, and other sites offline using a DDoS (distributed denial of service) attack this week. The outage affected much of the USA and parts of Europe. These sites are all customers of Dyn.com. They are a com
An activist in the Middle East in August of this year noticed odd text messages coming to his phone. It turns out that those were instructions coming from the command and control center for Pegasus Spyware telling the Spyware what actions to take. The activist alerted Citizen Lab who contacted the
NSA employee Harold T. Martin III has been taken to jail for allegedly stealing documents, files, and maybe devices from the NSA intelligence agency. While there has been some speculation that he might have been the source who leaked a vast amount of NSA tools on the internet recently, including the
Recently the American government issued guidelines for driverless vehicles. This creates national standards so that car manufacturers do not have to figure out how to follow 50 different laws in 50 different states. Analysts have said these rules seek to make this market grow without imposing a heav
Cambridge University researcher Sergei Skorobogatov demonstrated that he can brute force attack the passcode screen lock feature on the iPhone 5c. He did this by physically opening up the iPhone and then making a copy of the memory chip which he then connected to the phone using wires. Then he said
You might have noticed that so many security updates pushed out to Windows include updates to Adobe Flash. Adobe Flash is a security risk that will not go away. Steve Jobs famously fought this web video player, because he did not want the Safari browser dependent on a third-party product. He even w
The newspapers have finally reported what thinking people have already figured out for themselves. What we have been told for decades about setting password policies is based on illogical thinking. The Fallacy of the Complicated PasswordIf you have set up Active Directory, LDAP, or any application
Ransomware is based on the idea that the victim cannot decrypt their encrypted files with a key because it would be impossible to guess the value of the key. The hacker who has encrypted a file like this will sell the victim this key. So you could say that they have held their file hostage and are