Category Archives: Security News

Cisco patches critical authentication flaw in conferencing servers

October 14, 2016   Security News

Hackers could exploit the issue to masquerade as legitimate users.

Cisco patches critical authentication flaw

Credit: Stephen Lawson

Cisco Systems has patched a critical vulnerability that could allow hackers to gain access to Cisco Meeting and Acano servers that are used in enterprise environments for video and audio conferencing.

The flaw allows an unauthenticated attacker to masquerade as a legitimate user because the Extensible Messaging and Presence Protocol (XMPP) service incorrectly processes a deprecated authentication scheme, Cisco said in an advisory.

Read More

Encrypted communications could have an undetectable backdoor

October 13, 2016   Security News

Researchers warn about the use of standardized or hard-coded primes in existing cryptosystems

Encrypted communications backdoor

Credit: IDGNS

Researchers warn that many 1024-bit keys used to secure communications on the internet today might be based on prime numbers that have been intentionally backdoored in an undetectable way.

Many public-key cryptography algorithms that are used to secure web, email, VPN, SSH and other types of connections on the internet derive their strength from the mathematical complexity of discrete logarithms — computing discrete logarithms for groups of large prime numbers cannot be efficiently done using classical methods. This is what makes cracking strong encryption computationally impractical.

Read More

Spotify ads slipped malware onto PCs and Macs

October 10, 2016   Security News

New Spotify subscriber perk: No malware.

spotify desktop
Spotify’s ads crossed from nuisance over to outright nasty this week, after the music service’s advertising started serving up malware to users on Wednesday. The malware was able to automatically launch browser tabs on Windows and Mac PCs, according to complaints that surfaced online.
Read More

Q&A: The myths and realities of hacking an election

October 6, 2016   Security News

CSO Online asked several experts for their thoughts on the realities of election hacking

Credit: Steve Traynor
Election hacking has become a key topic during this year’s presidential elections, more so now that candidates and voters are being actively targeted by actors that are assumed to be acting with Russian support.In this modified edition of CSO Online’s Hacked Opinions series, we explore the myths and realities of hacking an election, by speaking with a number of security experts.
Read More

3 nightmare election hack scenarios

October 6, 2016   Security News

Hackers could target e-voting machines’ software update systems or simply try to delegitimatize the election

Credit: Stu Spivak via Flickr
The question on the mind of many voting security experts is not whether hackers could disrupt a U.S. election. Instead, they wonder how likely an election hack might be and how it might happen.

The good news is a hack that changes the outcome of a U.S. presidential election would be difficult, although not impossible. First of all, there are technology challenges — more than 20 voting technologies are used across the country, including a half dozen electronic voting machine models and several optical scanners, in addition to hand-counted paper ballots.

Read More
« Older posts
Newer posts »