Sunday, September 27, 2015

Apple Security Breach Bigger Than First Thought

The internet security firm, Palo Alto Networks reports that approximately 39 applications have been infected with the malicious software. It’s also hard for developers to detect malware like XcodeGhost because it’s deeply hidden.

This is how malware was able to get into the App store. Analysis of infected apps by security researchers appears to be revealing a mix of good and bad news … In the FAQ, the company says iCloud and personal information on apps should be safe, since the malicious code was incapable of finding it.

 Apple also said it is working to make it faster for developers in China to download authentic Xcode instead of turning to other versions that could potentially be compromised. Anywhere from 25 to 50 applications are being removed from Apple Inc.’s App Store after it was discovered they contained malicious code.

http://www.dispatchtimes.com/apple-security-breach-bigger-than-first-thought/104303/

Friday, September 25, 2015

Why Passfault

Passfault more accurately measures the strength of passwords. So accurate that it can predict the time required to crack the password. This information helps administrators determine an acceptable password policy. This also helps users intuition around how to create stronger passwords.


Passfault

Wednesday, September 23, 2015

U2 concert canceled in Sweden due to security breach

U2 canceled a concert in the Swedish capital of Stockholm after a security breach prompted police to evacuate the Globe Arena. Stockholm police spokesman Kjell Nildgren said they stopped Sunday’s event because organizers reported a breach at the security check and ticket control points as spectators were entering the arena.

Bidding for Breaches, Redefining Targeted Attacks


"A growing community of private and highly-vetted cybercrime forums is redefining the very meaning of “targeted attacks.” These bid-and-ask forums match crooks who are looking for access to specific data, resources or systems within major corporations with hired muscle who are up to the task or who already have access to those resources".

Bidding for Breaches, Redefining Targeted Attacks

Hack the Box Blue

https://arcy24.medium.com/hack-the-box-blue-f5ae5b602a5c