You May Soon Be Able to Hack the DHS
A pair of senators wants to give hackers a chance to take a swing at the Department of Homeland Security’s networks and internal systems through a broad bug bounty program. A proposed bill introduced in the Senate Friday would build on the foundation of the Hack the Pentagon program that the Department of Defense ran […]
Preventing Forgery With Paper Fingerprinting
In a new study out from a UK based research team, scientists have discovered an inexpensive and easy-to-use way to validate the authenticity of any paper document solely by taking a picture of it with a camera. Capturing the random interweaving of the wooden particles that are used to make up paper, the research team […]
Phone Fraud by Industry | The Financial Story
Whether it’s a bank, a brokerage, or a credit union, customers expect to be able to contact their financial institutions over the phone. They check account balances, transfer money, open new lines of credit, and change account information — each request being facilitated by a call center agent. However, these call center agents have few […]
Ringless Voicemails May Become the New Robocalls
Federal regulators are working on various methods to block robocalls, both to landlines and to mobile phones, with varying degrees of success. As those technologies make their way into the marketplace, some companies now are looking for clearance from the FCC to deliver their messages directly to customers’ voicemails without ringing their phones. The commission is considering […]
RoughTed Malvertising Campaign Bypasses Ad Blockers
A long-running, multi-faceted, malvertising campaign has been found using a technique that enables the sites involved to bypass the protections of ad blockers. Malvertising campaigns can take a lot of different forms and they often involve multiple layers of compromised or malicious sites and lots of redirections. Some campaigns are connected to malware operations and […]
Active-Defense Bill Now Allows Destruction of Data, Use of Beacon Tech
A bill that would allow victims of cybercrime to use active defense techniques to stop attacks and identify attackers has been amended to require victims to notify the FBI of their actions and also add an exemption to allow victims to destroy their data once they locate it on an attacker’s machine. The Active Cyber Defense […]
Serious Samba Flaw Threatens Networks
There is a severe, remotely exploitable vulnerability in many versions of the Samba software that has been siting unnoticed for seven years. The vulnerability is trivial to exploit and there is proof-of-concept exploit code available for it, making it even more dangerous. The Samba maintainers have released a patch for the flaw, and researchers are warning customer […]
On the Wire Podcast: Jessy Irwin
One of our most popular guests, Jessy Irwin, returns to the podcast to discuss the WannaCry ransomware outbreak, usable security, user education, safaris, and why we can’t past the idea of pointing fingers whenever something goes wrong. Music by Chris Gonsalves and Ken Montigny
DDoS Attacks Continue to Grow in Intensity, Shorten in Length
In a new report, Imperva researchers shed some light on how DDoS attacks are evolving and becoming at once more complex and briefer. In the first quarter of this year, 80 percent of all attacks lasted less than an hour with 90 percent of all network layer attacks lasting less than 30 minutes, compared to only 78 percent […]