- Heartbleed bug fix: Tor isn’t a safe haven either | BGR
- Heartbleed Software Snafu: The Good, the Bad and the Ugly - Scientific American
- ニュース - OpenSSLの「心臓出血」脆弱性、被害報告が相次ぐ：ITpro
- Hackers from China waste little time in exploiting Heartbleed
- OpenBSD から見て Heartbleed は氷山の一角に過ぎない | スラッシュドット・ジャパン Submission
- “Heartbleed”で秘密鍵を盗むのは難易度高、攻撃活動も現状では少数 -INTERNET Watch
- BBC News - LaCie warns of suspected credit card data breach
- LaCie discloses details about year-long security breach | The Verge
- French hard-drive maker LaCie cops to YEAR LONG card data leak • The Register
- Hardware Giant LaCie Acknowledges Year-Long Credit Card Breach — Krebs on Security
LaCie (now owned by Seagate) had been compromised by a group of hackers that broke into dozens of online stores using security vulnerabilities in Adobe’s ColdFusionsoftware. In response, Seagate said it had engaged third-party security firms and that its investigation was ongoing, but that it had found no indication that any customer data was compromised.
Microsoft Threat Modeling Tool 2014
Smartphone Anti-Theft Voluntary Commitment
- [original] Smartphone Anti-Theft Voluntary Commitment
- Apple, Google, Microsoft Embrace the Fight Against Smartphone Theft
The tool will enable the user to remotely wipe data from the phone and render it inoperable in case the phone is stolen or lost. Furthermore, the tool will prevent reactivation without user's permission (including factory reset attempts), but it will allow the authorized user to reverse the inoperability and restore data in case the phone is recovered.
A spokesman for the clinic told El Reg that the "perpetrator" compromised its systems after exploiting flaws in its website inquiry form. All sorts of personal information including potential clients’ names, addresses, dates of birth, contact details as well as details information about the type of cosmetic procedure they were inquiring about was exposed as a result of the breach.
SRL created its hack by lifting a real fingerprint from a smartphone screen and then carrying out a fairly elaborate process to create a mould out of glue and graphite spray. This was then swiped across the sensor that sits in the phone's home button.
Last Friday, Samsung's new Galaxy S5 arrived with an unexpected and underhyped feature. Like the iPhone 5S, it came with a fingerprint reader, but this reader plugs directly into PayPal, which in turn connects you to dozens of different payment systems. It’s a clever trick: instead of a password, all you need is a fingerprint, carrying you through the entire web. If it catches on, soon you won’t need a password at all.
Last year, Google was accused of its illegal interception of all electronic communications sent to Gmail account holders and using the gathering data to sell and place advertisements in order to serve related ads to its users. Practically, the more information you let Google collect about you, the more accurate its adverts become.
- Financial Services Companies Facing Varied Threat Landscape | Threatpost | The first stop for security news
- 「リーブ21」公式サイト、不正アクセスで改ざん サイト停止 - ITmedia ニュース
- ニュース - 2013年は大規模データ侵害の年、シマンテックがセキュリティ脅威発表：ITpro
- 【PC遠隔操作事件】C#でのプログラム作成能力を巡って（第6回公判メモ）(江川 紹子) - 個人 - Yahoo!ニュース
- XP最後のアップデート公開へ、攻撃発生のWord脆弱性も修正と予告 - ITmedia ニュース
- エフセキュアブログ : インターネット監視の隠れた危険性