Joseph Menn reports: The Obama administration hopes Silicon Valley technologists can think of a system with strong encryption that could be pierced legally by one party without opening the door to others, a White House official said on Tuesday. White House cybersecurity policy coordinator Michael Daniel said at the annual RSA Conference on security that…
Category: Commentaries and Analyses
OS X Yosemite still open to Rootpipe backdoor, warns ex-NSA bod
Shaun Nichols reports: Apple’s attempt to fix a serious security weakness in OS X has fallen short, leaving users still vulnerable to malware hijacking their Macs, it is claimed. Patrick Wardle, director of research at Synack, reckons Cupertino has not been able to kill off the so-called “Rootpipe” backdoor that was supposed to be eradicated…
FBI Alert Number I-042115-PSA: Hacktivists threaten to target law enforcement personnel and public officials
An alert issued today by the FBI offers law enforcement personnel some tips to protect themselves. The tips are useful advice for everyone: Summary Law enforcement personnel and public officials may be at an increased risk of cyber attacks. These attacks can be precipitated by someone scanning networks or opening infected emails containing malicious attachments…
NZ: Preliminary review reveals no improper data access to shared online medical records
Nicole Mathewson reports that so far, everyone’s been on good behavior and has not misused access to the online database: Nearly 500 instances of Canterbury health professionals accessing patient medical records have been reviewed since the country’s first online health database was launched, but all were found to be legitimate queries. … The Canterbury District…
Another week, another list of vulnerable EDU sites
Last week, this site compiled a list of universities and colleges that TeaMp0isoN had reported were vulnerable to SQL injection or XSS attacks. This week, I’ve again compiled their tweets into one list. As I did last week, I am only providing the names of the schools and not the vulnerable urls. This week, however, I am also…
Okay, so now they’ll act on the state’s recommendations
I’ve occasionally posted school district audits conducted by the New York State Comptroller’s Office to highlight the state of infosecurity – or lack thereof – in the k-12 sector. Here’s a summary of, and link to, a newly released audit (emphasis added by me): Alfred-Almond Central School District Although a previous Office of the State Comptroller…