J.E. Reich reports: MasterCard might make identity theft a little bit harder — they’re working toward introducing face scanning software that will determine approval of your purchases. The financial services company is planning to launch a test program this fall with a starter group of 500 MasterCard customers this fall. The app is designed with dead accuracy,…
Category: Uncategorized
Mandatory vacation?
Well, I planned to do some news updates while I’m on vacation, but it turns out I couldn’t get a wifi connection at my friend’s home – or an ethernet one. Not sure why my American Apple products are having trouble here and BT support threw up their hands after 49 minutes. So… updating will…
In the exploit biz? FULL DISCLOSURE is your best friend, boffin says
Darren Pauli reports: Auscert Security bod Alfonso De Gregorio says buyers and sellers in the cut-throat exploit marketplace should release their zero-days to the public if they are fleeced. The BeeWise founder says full disclosure of security vulnerabilities helps punish both buyers who fail to pay or on-sell zero-days, and sellers who break contracts and re-sell…
Data breach liability: confidentiality vs. privacy
Glynna Christian and Nikki Mondschein of Kaye Scholer LLP provide food for thought for businesses and covered entities when reviewing contracts with IT service providers: IT service providers, particularly cloud service providers, increasingly are resisting unlimited liability for breaches of privacy and data security obligations in their customer agreements. Instead, they offer unlimited liability for breaches of…
France to enlist hackers to tackle jihadists
France’s Prime Minister Manuel Valls has announced that he plans to turn to computer hackers, often the scourge of governments worldwide, in order to infiltrate online jihadist networks. Read more on The Local (FR).
Stegosploit hides malicious code in images, this is the future
Pierluigi Paganini reports: The security researcher Saumil Shah from Net Square security has presented at Hack In The Box conference in Amsterdam his Stegosploit project which allows an attacker to embed executable JavaScript code within an image to trigger a drive-by download. The Stegosploit digital steganography project could open new scary scenarios for Internet users that could be infected by viewing a picture on…