20-YEAR OLD VULNERABILITY PATCHED IN LZO COMPRESSION ALGORITHM

A 20-year old vulnerability in the Lempel-Ziv-Oberhumer (LZO) compression algorithm – used in some Android phones, the Linux kernel, and even Mars Rovers – was finally patched this week. Code stemming from the algorithm’s library function has existed in the wild for two decades, but was recycled over and over again, which made it tricky to patch. Version 2.07 of the algorithm fixes the longstanding issue – a subtle integer…

Snoopy drone can hack your smartphone when you’re on street !

According to the British experts from Sensepost Security, the project called Snoopy demonstrates the danger of using drones without clear rules. Sensepost created a distributed tracking and data interception framework, which performs simple tracking, real-time and historical profiling of devices and the peoples who own them. So it’s perhaps worth mentioning that Snoopy is a distributed framework compromised of various existing technologies. How does it works? Drones were the main…

Why Two-Factor Authentication Won’t Stop The Hacking Crisis ?

As high profile hacks continue to make news, “two-factor authentication” is becoming a household term. This year alone, Apple, Microsoft, and Evernote have rolled it out to users, and two weeks ago Wired reported that Twitter is developing a two-factor option of its own. Google and Facebook have had it since early 2011. It’s usually described in the media as a sort of silver bullet: Damaging Twitter hacks, the thinking goes, will…

What is Wardriving?

Wireless networks have certainly brought a lot of convenience to our lives, allowing us to work and surf from almost anywhere—home, cafes, airports and hotels around the globe. But unfortunately, wireless connectivity has also brought convenience to hackers because it gives them the opportunity to capture all data we type into our connected computers and devices through the air, and even take control of them. While it may sound odd…

Cloud is the New Security Perimeter

The rise of cloud computing is undeniable and unstoppable, information security professionals have to accept resistance to cloud is futile. The Cisco 2014 Annual Security Report, projects cloud network traffic will grow more than threefold by 2017, with businesses executives eyeing up cloud as the silver bullet in eliminating expensive IT hardware. This cost saving elixir means cloud solutions are often quickly steamrollered in by business, leaving information security playing…

Cloud is the New Security Perimeter

The rise of cloud computing is undeniable and unstoppable, information security professionals have to accept resistance to cloud is futile. The Cisco 2014 Annual Security Report, projects cloud network traffic will grow more than threefold by 2017, with businesses executives eyeing up cloud as the silver bullet in eliminating expensive IT hardware. This cost saving elixir means cloud solutions are often quickly steamrollered in by business, leaving information security playing…

The future of data storage and cloud access at IBM Edge2014

The IBM Edge2014 conference showcased a variety of data storage, management, and cloud access projects. The IBM Edge2014 conference held  in Las Vegas showcased a variety of technologies being developed by IBM that promise to be the future of enterprise data storage. The technologies were presented by Clod Barrera, chief technical strategist for IBM System Storage, and Dr. Axel Koester, executive IT specialist for IBM System Storage. Tony Pearson, Master Inventor and…

“There’s no patch for Human Stupidity.” Well said Hacker News!!!

An article in Hacker News inspired me to write this blog post. Social engineering, in the context of security, is understood to mean the art of manipulating people into performing actions or divulging confidential information. This is a type of confidence trick for the purpose of information gathering, fraud, or computer system access. It differs from traditional cons in that often the attack is a mere step in a more…