Paul Soriano

@pvsoriano | Father, husband, Army veteran, security architect, infosec/hacking enthusiast. Views and opinions are my own.

How Dangerous Is End-to-End Encryption?

If it were possible, would proponents of “backdoor” access to encrypted communication also favor equivalent access to the private thoughts in our brains? Last week, FBI Director James Comey testified before two Senate committees about end-to-end encryption, which prevents anyone from spying on …

Privacy

Researchers claim they’ve developed a better, faster Tor

HORNET, a high-speed onion routing network, could be deployed on routers as part of the Internet. Tor, the world's largest and most well-known "onion …

Hackers Remotely Hijacked A Jeep On The Highway

Own a Fiat Chrysler? You may want to update your car’s software. If you drive a Fiat Chrysler vehicle, listen up: Your car may have a gaping security flaw. Uconnect, the Internet-connected software installed in newer Fiat Chrysler models, can be hacked remotely due to a vulnerability in its cellular …

Find A Windows Infection Quickly Without Tools

Note: Part 2 of this article is now posted here. After several years doing incident response, I thought it would be useful to give a short list of my …

Who Needs Hackers? You Can Already See Who's on Cheating Site AshleyMadison

Thanks to a common mistake by the site’s developers, it was already possible to identify its users—even before the hack. It turns out that the dating website that promised married men and women "discreet encounters" in order to facilitate cheating on their partners wasn't so discreet after all. A …

Hackers to adultery site Ashley Madison: Shut down or be exposed

mozzi.co

How was Hacking Team hacked?

The attacker who stole Hacking Team’s data gained access to an employee’s computer …

Here are all of the crazy illegal things for sale on the hacker forum the Feds just shut down

Darkode, which has been around since 2007, was one of the few online marketplaces for English-speaking hackers (most others are in Russian). US attorney David J. Hickton described Darkode as "the most sophisticated English-speaking forum for criminal computer hackers in the world," in the …

There are 3 main reasons why hackers can't beat Apple Pay’s security

This is particularly true for Apple products, where there is a massive jailbreaking community. Jailbreaking is a popular practice that lets hackers remove the controls Apple builds into its products to stop people taking certain actions - like downloading applications from third-party stores. As a …

What your favorite programming language says about you

Programming languages create fierce tribes around themselves, with developers often getting into "religious wars" over the pros and cons of each. Here's what your favorite programming language says about you, courtesy of the internet.

Hacking Team Another Flash Zero-Day: CVE-2015-5122

Following the Hacking Team data breach, yet another Adobe Flash Player zero-day vulnerability has been found actively exploited in-the-wild. Another …

Oracle reportedly wields audits, license disputes to push cloud agenda

Anyone who has ever met an Oracle (ORCL) sales person knows from a high-pressure sale. For these people much of their rich compensation comes in …

The $11 Trillion Internet Of Things, Big Data And Pattern Of Life (POL) Analytics

Every so often a buzzword or phrase in information security discourse surfaces from the infosec jargon din into broader public consciousness. One such buzz phrase is “pattern of life” analytics (POL). POL, to vastly simplify the definition, is a computerized data collection and analysis method used …

Data Protection

The Dinosaurs Of Cybersecurity Are Planes, Power Grids And Hospitals

As we continue down the path toward complete connectivity — in which all devices, appliances and networks connect to each other and the Internet — it is evident that much of our longstanding technology can no longer keep up. And it’s not an issue affecting only tech companies and web-connected …

Meet the dreadlocked hippie who’s an encryption guru and has the NSA freaking out

While encryption and secured messaging has long been a topic of interest in tech circles, the issue became a mainstream and hot-button issue in 2013 …

Privacy

Hacking Team Shows the World How Not to Stockpile Exploits

Bank robber Willie Sutton's famous line about why he robs banks—"because that's where the money is"—was particularly apt this week after the Italian …

German missile battery receives orders from… unknown ‘hackers’ – report

The German Patriot air and missile defense systems, stationed at the Turkish border with Syria, have carried out “unexplained” commands allegedly …

The Hacking Team leaks taught criminals a new way to hijack computers

The Adobe Flash zero day vulnerability was uncovered by researchers at security firm Trend Micro, who claimed to have found it while examining leaked documents from software company, Hacking Team. Zero day vulnerabilities are flaws that are found and targeted by hackers before they are discovered by …

Hackers plan to teach people how they stole 400GB of data from Hacking Team

The incident occurred when hackers infiltrated the Italy-based Hacking Team's network to steal and publish online over 400GB of the firm's data and temporarily hijack control of its Twitter account on Sunday and Monday. The attack saw the attackers leak vast amounts of Hacking Team information, …

CONFIRMED: Chinese government hackers linked to historic hack of US security clearance info

While the Chinese People's Liberation Army typically goes after defense and trade secrets, this hacking group has repeatedly accessed data that could be useful to Chinese counter-intelligence and internal stability, said two people close to the U.S. investigation. Washington has not publicly accused …

Do we really want to keep all our digital eggs in one basket?

LastPass hack reopens debate around whether using password managers is the best way to minimise the risk of being compromised online. Are password managers the safest way to guarantee digital security? The recent hack of market-leader LastPass has reopened a debate that many thought had been put to …

Sex, lies, and debt potentially exposed by the latest hack of US data from China

The disclosure last week that hackers had penetrated a database containing such intimate and possibly damaging facts about millions of government and private employees has shaken Washington. The hacking of the White House Office of Personnel Management (OPM) could provide a treasure trove for …

Why Hacking Kaspersky Lab Was A Silly Thing To Do

You may have heard about it already: Kaspersky Lab recently detected and neutralized a sophisticated, very well-planned attack on our networks, most probably carried out by a government-backed group. While the attack managed to get access to data related to my global cybersecurity company’s R&D and …

Cybersecurity

Stepson of Stuxnet stalked Kaspersky for months, tapped Iran nuke talks

Hacker group used a "zero-day trampoline" to scale Kaspersky defenses. Not long after blowing the lid off a National Security Agency-backed hacking …

Warning: Major iPhone security flaw makes it painfully easy to steal your password

Apple’s iOS platform is one of the most secure mobile operating systems in the world, and each release brings new security features and enhancements. …

Chinese hackers reportedly stole data from up to 4 million federal employees

According to the Washington Post, Chinese hackers allegedly breached the Office of Personnel Management in December and gained access to personal information of up to 4 million current and former employees. In a statement on Thursday, the OPM confirmed the data breach, which the agency said was …

OpenSSH On Windows – It’s Happening!

So it seems like getting rid of Ballmer was the best thing Microsoft has done in years, Satya is definitely pushing them in a much more positive …