Attackers Can Access Dropbox, GDrive, OneDrive Accounts Without User's Password
A report by Imperva shows how an attacker could easily get their grubby hands on cloud storage and synchronization accounts, without even needing the user's password, and use them in their illicit...
View ArticleThe tainted public IP address
Firstly, I am not sure if this goes into the security or networks category but I thought this was more appropriate but if its not sorry for the mistake.Second, today as I was surfing the interwebs I...
View ArticleUbiquiti Networks taken for $39M
Lifted off /r/sysadmin but ouch!!http://www.csoonline.com/article/2961066/supply-chain-security/ubiquiti-networks-victim-of-39-millio...
View ArticleInteresting Reddit thread on brute-forcing an AES-256 encryption key
Found this interesting: http://www.reddit.com/r/theydidthemath/comments/1x50xl/time_and_energy_required_to_bruteforce_a_aes2...
View ArticleTime lapse recording of IP camera
I have an existing high resolution IP camera, and I'd like to 'record' time lapse video from it. Anyone have experience/ideas on this. It's a skyscraper being built, so one picture a minute?? should...
View ArticleClik here to view.
The Inside Story Of The Biggest Hack In History
It was known inside the InfoSec community, but now more details have been made public through CNN after a BlackHat 2015 presentation:"Three years ago, the world witnessed the worst hack ever seen. And...
View ArticleTracking data transfer to USB device
Hello fellow SpiceHeads, Can I enable something in Windows 7, GroupPolicy, or on network share that will allow me to see what and when something is taken off or copied from a network share to a USB...
View ArticleSecurity+ or SSCP???
Hello All,I have a question for you. I am looking into either getting my SSCP or my Security+ certification. They both cost about the same and they both deal with security. However, I am looking for...
View ArticleMinor Facebook privacy issue discovered by software engineer
Software engineer Reza Moaiandin, technical director of Leeds-based Salt.agency, took note of a relatively unused Facebook feature which allows users to search for other Facebook users, using only...
View ArticleHow to deal with or get around password sharing?
I work in a law firm that has an average one secretary for every two to three attorneys. A good chunk of the attorneys are super old school and refuse to do most things for themselves. So, when they...
View ArticleClik here to view.
KVM for security camera servers with multiple receivers
I have two Windows XP based security camera servers, each with 16 video input capture cards. The camera software only works on the local console.When originally installed, the two servers were plugged...
View ArticleFingerprints stored in readable .bpm file
Original article: http://www.theregister.co.uk/2015/08/10/htc_caught_storing_fingerprints_as_worldreadable_cleartext/FTA: Four FireEye researchers have found a way to steal fingerprints from Android...
View ArticleDecrypting a Truecrypt encrypted system volume
I've had 2 laptops returned to me which were encrypted before I joined this company, I have done some digging but I cannot find any rescue disks for these laptops. I do know the TC password for each...
View ArticleBlack Hat and Def Con 2015 roundup, or what you missed last week
Last week, Las Vegas played host toBlack HatandDef Con, two of the largest securityconferences in North America. With more than 10,000 attendees at Black Hat and nearly 20,000 attendees at Def Con,...
View ArticleHow To Verify Equipment Is Securely Disposed?
What would you do? Are both options secure?We have some old managed network equipment that is to be disposed. We want to make sure we don't expose any potential network configuration info, that could...
View ArticleUnexpected security threat: your CPU
This is a bit interesting, I guess something I had never given much thought, makes since though.I guess the processing work on a CPU is assigned different privilege levels (at least with CPUs...
View ArticleIs Taylor Swift the best InfoSec voice on twitter?
As the voice behind @SophosRich, I spend a lot of time on Twitter and I recently discovered @SwiftOnSecurity and had a good laugh wondering if her malware remediation strategy might be to just...
View ArticlePhysical security needed
Recently we had a couple minor thefts of IT equipment. I got approved to spend $200 on a physical lock for server room. I'm hoping to find a keyless entry solution with user accounts and logging....
View ArticleChanging domain password suddenly losing private keys?
The certificates I'm referring to are user-installed Symantec email certs that end up stored in the "Personal" section of each user's account. They work fine aside from this problem.I'm on a Samba...
View ArticleIp camera software
I have 6 Ip cameras that are all from different manufactures. I looking for an open source software that will view & record the images for review. I having trouble find a DVR that can connect all...
View Article