TAG | security
I spent the last week at the RSA security conference in fear of getting sick before my talk on Friday, the last day of the conference. During that time I was nearly obsessive about using hand sanitizer to protect me against any germs I might be getting from shaking hands, or touching surfaces.
Security researchers discovered a very sophisticated watering hole attack against Forbes.
There is a major trend towards increasingly targeted cyber attacks, from advanced persistent threats (APT), to spear phishing. Now we are seeing targeting applied to watering hole attacks. I think of this as the sniper at the watering hole. (more…)
Right after the Lizard Squad finished with a DDOS attack on the PSN and XBOX networks, they launched an attack against the Tor anonymity system. The attack was simple, set up enough Tor relays to be able to identify a significant fraction of Tor users and connect them with their activity. They got caught because they were bozos (perhaps intentionally). They did the attack hard and fast, which made it easy to identify the rogue relays, and they bragged about it (which told people to look for the attack). (more…)
The Chaos Computer Club recently announced that their website was being blocked by Vodefone as part of their participation in the “Great Firewall of Britain”. This is somewhat concerning as they don’t seem to match any of the criteria for blocking that have been announced. This also blocks access to information and tickets for their upcoming conference. Many people predicted (me, EFF, and many others) that this censorship system would inevitable overreach when it was first announced. (more…)