8 Security Spring Cleaning Tips for the Home Office

Uncategorized

31 Terabytes of Academic Research Stolen From US Worth $3.4 Billion

Uncategorized

What is Cyber Hygiene? A Definition of Cyber Hygiene, Benefits, Best Practices, and More

Uncategorized

FBI: Iranian Firm Stole Data In Massive Spear Phishing Campaign

Source: Threat Post
FBI: Iranian Firm Stole Data In Massive Spear Phishing Campaign
The Department of Justice has announced charges against nine Iranians, affiliated with the Mabna Institute, who are accused of stealing private data from U.S. universities, private companies, and U.S. government departments.

Uncategorized

The Overlooked Problem of 'N-Day' Vulnerabilities

Uncategorized

Adding Backdoors at the Chip Level

Source: Schneier
Adding Backdoors at the Chip Level

Interesting research into undetectably adding backdoors into computer chips during manufacture: “Stealthy dopant-level hardware Trojans: extended version,” also available here:

Abstract: In recent years, hardware Trojans have drawn the attention of governments and industry as well as the scientific community. One of the main concerns is that integrated circuits, e.g., for military or critical-infrastructure applications, could be maliciously manipulated during the manufacturing process, which often takes place abroad. However, since there have been no reported hardware Trojans in practice yet, little is known about how such a Trojan would look like and how difficult it would be in practice to implement one. In this paper we propose an extremely stealthy approach for implementing hardware Trojans below the gate level, and we evaluate their impact on the security of the target device. Instead of adding additional circuitry to the target design, we insert our hardware Trojans by changing the dopant polarity of existing transistors. Since the modified circuit appears legitimate on all wiring layers (including all metal and polysilicon), our family of Trojans is resistant to most detection techniques, including fine-grain optical inspection and checking against “golden chips”. We demonstrate the effectiveness of our approach by inserting Trojans into two designs — a digital post-processing derived from Intel’s cryptographically secure RNG design used in the Ivy Bridge processors and a side-channel resistant SBox implementation­ — and by exploring their detectability and their effects on security.

The moral is that this kind of technique is very difficult to detect.

academic papers backdoors computer security hardware malware

Mozilla Tests DNS over HTTPS: Meets Some Privacy Pushback

Uncategorized

Facebook are using advertisements to apologize to their users

Uncategorized

Facebook Collected Your Android Call History and SMS Data For Years

Source: The Hacking News
Facebook Collected Your Android Call History and SMS Data For Years
Facebook knows a lot about you, your likes and dislikes—it’s no surprise.

But do you know, if you have installed Facebook Messenger app on your Android device, there are chances that the company had been collecting your contacts, SMS, and call history data at least until late last year.

A tweet from Dylan McKay, a New Zealand-based programmer, which received more than 38,000 retweets (at the

Uncategorized

Facebook has been acquiring call and text message data from Android Phones for years

Uncategorized
%d bloggers like this: