Technology content trusted in North America and globally since 1999
7,598 Reviews & Articles | 56,139 News Posts

Hacking & Security Posts - Page 3

Explore ancient virus' with the Internet Archives malware museum

By: Jeff Williams | More News: Hacking & Security | Posted: Feb 5, 2016 8:02 pm

If you get infected with Malware today, it's a very serious issue that could potentially compromise and complicate your life. Back in the day before the rise of botnets and ransomeware, viruses were quite cheeky and sometimes very bizarre. The Internet Archive is letting you explore what those antiquated infections could do, without the danger of course.





The collection is a whimsical exploration of virii from the 1980's and 1990's that was curated by Jason Scott from Internet Archive and Mikko Hypponen, a chief researcher from F-Secure. Click on any of the examples and you'll be greeted with the animations and messages that tended to be the end result. They're safely contained within a DOS box emulator, but are without their destructive powers anymore anyway.


Despite the cute messages and animations, these did have nasty effects on your PC back in the day. They corrupted files, slowed your system and ended up wreaking havoc. At least the cutsey messages could brighten your day. Kind of.

New biometrics uses a 'Brainprint' for identification, 97% accurate

By: Jeff Williams | More News: Hacking & Security | Posted: Feb 5, 2016 4:55 pm

Biometrics are something we've been using to uniquely identify other humans since the 13th Century, but the current methods are flawed and can be spoofed with enough creativity and time. So now researchers have found another novel way to uniquely identify people: With "Brainprints".




A brainprint is the unique way in which your neurons fire when reading, or doing anything. It's a distinct and consistent way to identify people. New research by the Basque Center for Cognition and Binghamton University into the brainprint has been able to show just how unique our thought patterns actually are. They were able to identify people with 97% accuracy just based on them thinking about a particular word that flashed on a monitor in front of them for a half of a second.


That's good news for the coming robot revolution, because until brain thought patterns can be faked, we'll at least be able to know whose who, and not human. But in more practical terms it could be another piece to the puzzle of authentication. As a means to make a password it's horrible, but in a multi-factor authentication scheme, it could be used to identify that you're actually who you say you are and present at the time of entering your pin or password.

Continue reading 'New biometrics uses a 'Brainprint' for identification, 97% accurate' (full post)

Research reveals 57% of dark web is illicit material

By: Jeff Williams | More News: Hacking & Security | Posted: Feb 4, 2016 2:01 pm

The darknet, or dark web, is a conglomeration of hidden services and websites that are accessible only through the Tor network. And as it would turn out, recently published research shows that over 57% of those hidden websites also happen to have some kind of illegal content on them.




The researchers, Daniel Moore and Thomas Rid from King's College London, created a custom script that parsed through some 5,025 live .onion based websites and found that 1,547 hosted some kind of material that's criminal in nature. The leading activity seems to surround drugs, with financial related criminal enterprises taking in a close second.


It's not necessarily a surprising finding, given that the idea of privacy and security tend to attract the unsavory types by their very nature. But the researchers do note that it doesn't have to be that way. And that perhaps removing hidden services from Tor could help, somehow.

Continue reading 'Research reveals 57% of dark web is illicit material' (full post)

OpenSSL gets patched for a problem that probably doesn't effect you

By: Jeff Williams | More News: Hacking & Security | Posted: Jan 31, 2016 2:27 pm

The OpenSSL project has found, and patched, an issue that was fairly serious though it likely didn't effect very many people, or businesses for that matter.




The problem seems to have stemmed around how the open-source implementation of SSL and TLS reuses prime numbers while the Diffie-Hellman key-exchange protocol is used, making it far easier for a would-be attacker to decrypt your information. The good news is that in order for that to happen, a particular setting has to physically be set on, because it's not on by default.


Even better is that in order to have enough information to actually crack the encryption, there the attacker would have to connect (and reconnect via separate handshakes) several times. So it's not something that's of too much concern, certainly not at the same level of the Heartbleed vulnerability of 2014.

Continue reading 'OpenSSL gets patched for a problem that probably doesn't effect you' (full post)

Week 2 with the fingerprint reader infused mouse - Where're the apps?

By: Jeff Williams | More News: Hacking & Security | Posted: Jan 29, 2016 12:15 pm

This is the second full week using the Thermal Take Black V2 gaming mouse infused with Synaptic's IronVault optical fingerprint reader, and it's been a mostly great experience, when it comes to the fingerprint reader that is.




To be fair, the particular mouse that it's embedded in isn't quite my cup of tea, but that isn't what's being evaluated here, aside from the positioning of the sensor itself. So let's get that little hiccup out of the way from the beginning. The mouse just isn't quite comfortable for my hand and everyone has their own preferences when it comes to their HID's, but let's move on to the important bits.


The sensor itself has proven to be an accurate and surprisingly useful device. Enrolling your fingerprints is as easy as with any other capacitive sensor you might be used to (read: iPhone or any mobile phone for that matter). Just follow the instructions on the application that interfaces, and you're in business, able to use that stored fingerprint to be the basis for logging in to websites. It's almost magical, and much more so than when it was first introduced to the greater consumer by Apple.

Continue reading 'Week 2 with the fingerprint reader infused mouse - Where're the apps?' (full post)

25 worst passwords 2015, are you using one of them? Time to Change!

By: Jeff Williams | More News: Hacking & Security | Posted: Jan 25, 2016 11:02 pm

Passwords are sometimes the first and last defense for your precious data. We probably mostly try to make them complex and full of symbols, numbers and non-words. But as it turns out, a lot of people still have easy to remember, and easy to hack passwords.




The top 25 passwords have been compiled by a company called SplashData to help show how insecure and unserious so many happen to be about password security. The list for 2015 is both surprising and also very sad. Despite the increase in security breaches and the ready availability of rainbow tables and brute force password lists, simple passwords still seem to persist.


So if you use one of the passwords listed above, you might want to consider changing it. Or you'll be extra vulnerable. And it also might be prudent to start using a password manager

Continue reading '25 worst passwords 2015, are you using one of them? Time to Change!' (full post)

Experts say that Australia is still a sitting duck in cyber warfare

By: Chris Smith | More News: Hacking & Security | Posted: Jan 21, 2016 2:32 am

While there have been some reports of infrastructure and facilities being hacked around the globe in recent years, experts have claimed and continue to state that Australia is a 'sitting duck' in a cyber warfare sense, being an easy target for a small team of experienced hackers.




Professor Greg Austin told the recent international conference on cyber security in Canberra that Australia is "badly lagging" on hacker protection, expanding to say that "As of 1 January 2016, Australia had not embraced the idea of 'information dominance' (largely a cyber space strategy), preferring a less enthusiastic embrace of the revolution in military affairs [RMA] by having a doctrine on 'information activities' shaped largely on the old-fashioned concept of political influencing through propaganda, psychological operations, or disinformation."


While Australia has begun some preparations for hacker threat, Austin explained that it has been a slow turn of events, explaining further issues in the fact that "Australia has also been reluctant to acknowledge the US doctrine of 'prompt global strike', a cyber-enabled military strategy."

Intel introduces Intel Authenticate, designed to stave off hackers

By: Jeff Williams | More News: Hacking & Security | Posted: Jan 20, 2016 6:02 pm

Securing your PC has always been a priority, and a challenge for Intel, especially in the enterprise sector. But vPro, a small co-processor that helps to secure your system in a variety of different novel ways, is a little long in the tooth even though it's still very relevant. So Intel is innovating on their vPro architecture by adding new functionality and making it a much better and more sophisticated in the wake of more refined attack methods.




Intel Authenticate is their new hardware-enhanced multi-factor authentication solution that'll make use of the existing vPro processor to authenticate users. It's able to verify your identity by using a combination of three things; something you have, which is a security token or even a smartphone or an app on that phone, something you know, such as a pin or password, and something you are, biometrics.


How does it work? In the hardware is a certificate that's completely separated logically and physically from the rest of the system, so this certificate is theoretically very secure and can't be spoofed. You're information is stored with that certificate and compared against it. It's actually a very good solution, and this hardware-assisted MFA is a step in the right direction. And with Synaptics making finger-print sensors easier to integrate into systems, and smartphone authentication apps becoming so ubiquitous, it's a natural evolution.

Continue reading 'Intel introduces Intel Authenticate, designed to stave off hackers' (full post)

Malware targeting Australian health sector's Windows XP devices

By: Chris Smith | More News: Hacking & Security | Posted: Jan 20, 2016 1:31 pm

While many health, education and public utility infrastructure facilities are still running Windows XP, recent reports have come to light that Melbourne has experienced some malware issues, sending its Aussie IT team into a fixing frenzy.




The unnamed virus disabled a pathology department in a major health network just yesterday, meaning that all workers had to operate in manual mode, processing blood tissue and urine samples without technological help. The Royal Melbourne Hospital was the target of this attack, with the IT staff on hand quickly working on and implementing a solution to their issues. This infection also came with a warning to all staff - told to withhold from logging into personal accounts such as banking or emails for the time being.


While the effectiveness and capabilities of the malware have not been made public, iTnews reported that it did contain a keylogger.

Continue reading 'Malware targeting Australian health sector's Windows XP devices' (full post)

Keep your luggage safe with this Bluetooth lock and app

By: Chris Smith | More News: Hacking & Security | Posted: Jan 7, 2016 4:35 am

CES 2016 - If you're worried about someone whipping out a bobby pin and Fallout 4-style breaking into your luggage, Dog & Bone are now offering its LockSmart Travel product, a TSA approved, keyless, Bluetooth connected luggage padlock and app.




The app is compatible with Apple iOS and Google Android operated phones, functioning as a keyless and trackable way to keep your belongings safe. Access can be granted to additional smartphones by the owner, hopefully removing a flat battery issue. There isn't any override system as far as we know right now, so what's worrying is that you could be stuck in a foreign country with a flat phone, locked bag and the charger nestled safely within your locked baggage - unable to be taken out and used.


Set for availability in early 2016, the lock contains 128-bit encryption and will cost artound $100.