Do you know why a patch is called a patch? Today I learned this awesome coding history fact.
Tagged With security
In December last year, Yahoo admitted that over one billion user accounts were hacked. It looks like thousands of Australian government officials were among the users that had their Yahoo email addresses, passwords and other personal information stolen.
There are several cities across Australia that are currently running or trialling publicly accessible Wi-Fi networks. Most recently, the NSW Government has announced it will be running a sponsored trial of free Wi-Fi on selected public buses across the city. But just because the government is backing the free service doesn't mean it's safe. There are still privacy and data security issues you need to consider if you're going to use any public Wi-Fi network.
Various models of Netgear routers have been found to have a critical security flaw that lets hackers take over the devices and remotely run code on them. The vulnerability is easy to exploit and the list of affected Netgear routers is growing. Here's are all the Netgear routers that have been found to carry the security bug and a possible workaround.
When you enter your password online, the companies behind reputable websites will do a number of things in the background to ensure it is protected. These include hashing the password, using salted hashes and inefficient mathematical algorithms so that even if hackers do get your password data, it will be extremely difficult for them to crack it. But how do these security techniques work? Let's find out.
Security researchers now have an excuse to play video games: Nintendo just launched its very own bug bounty program for 3DS handheld consoles. Here are the details.
Popular video sharing platform DailyMotion has been hacked and millions of usernames, email addresses and hashed passwords of users have been stolen. Around 87 million DailyMotion accounts have been affected and around 85 million of them were linked to unique email addresses. Here's what you need to know.
Cryptography is a massive subject, but one that's becoming increasingly important for the average web developer. While you probably don't need to know the intricate details of ciphers or Transport Layer Security (TLS), it can't hurt to be a least somewhat educated. Enter "Crypto 101" — an online, "pre-release" book that will guide you through both the basic and advanced concepts of cryptography.
Over one million Google accounts have been breached after a malware called Gooligan started spreading like wildfire through third-party Android app stores. Compromised accounts are then used to post fake ratings for malicious apps and to download adware onto infected devices. Even enterprise accounts have been affected. Here's how you can check if your Google account has been compromised.
While big organisations may be used to being targeted by various forms of online attacks, an increasing number of small businesses are falling victim to cybercriminals, according to a security expert from Cisco. He also shared some advice on how small businesses can better protect themselves online.
Earlier this week, a set of vulnerabilities were released that can crash or cause other issues with certain versions of the Network Time Protocol (NTP) daemon, used to synchronise clocks on a variety of computers, with a single malformed packet. This bug affects only affects some Windows systems but other vulnerabilities have also been found that impact some Linux machines along with a number of embedded devices. While these security flaws can't crash servers or computers, it can have severe and unexpected flow-on effects. If you want to find out if your systems are affected and how to apply fixes before different vendors bring out their own patches, read on.
Last week, we reported that the master decryption keys for the Crysis ransomware have been made public. Now security vendor ESET has come out with a free tool to help Crysis ransomware victims recover their files by decrypting them. Here are the details.
A type of denial-of-service (DoS) attack that targets firewalls from a number of vendors including Cisco, Palo Alto and SonicWall was found to have resurfaced earlier this month. Unlike other DoS attacks that rely on pounding machine or network resource with large amounts of traffic, BlackNurse doesn't require much bandwidth at all. Researchers have shown that BlackNurse will work with less than 20Mbps of traffic and is effective even against large enterprise firewalls. For IT administrators who want to test for and mitigate against this kind of attack on their organisation, here are the the instructions.
"Hacking" carries a lot of negativity around it, but not all hacking is used for evil. Learning about it arms you with the necessary knowledge to deal with it, so ethical hacking lets you be the good guy. If you want to learn more about ethical hacking, check out this exploration into the world of penetration testing.