An air-gapped system is designed to be very secure. It is not connected to any other system, network or internet – literally a physical gap between it and the rest of the IT world. If it is not connected, then threat actors cannot connect to it. Mordechai Guri, from Ben-Gurion …
Anonymous browsing – not anymore
Researchers from the New Jersey Institute of Technology have written a paper, which they will present at the Usenix Security Symposium in Boston, demonstrating how threat actors (or governments or law enforcement) could de-anonymise a users from their browsing habits. The attackers would analyse browsing activity and state to determine …
The Rolling Pwn Attack – Honda drivers beware! UPDATED
Here is another research paper outlining how the wireless security car manufacturers are suing to secure our vehicles is woefully inadequate. The vulnerability often comes from the technology being used, having been developed for another task altogether. This time it is Honda – check to see if your car is …
Continue reading “The Rolling Pwn Attack – Honda drivers beware! UPDATED”
Blockchain security
Often it the online processes around blockchain and cyrpto-currencies that are exploited by the threat actors, not the blockchain itself – which remains secure. Following a year of research, a report by Trail of Bits, commissioned by the US Government Defense Advanced Research Projects Agency (DARPA) shows that the blockchain …
Google Threat Assessment Group tackles smartphone malware
This is a follow-up to last week’s story: New commercial spyware for phones – Smart Thinking Solutions This is Google describing how they countered the Hermit smartphone malware and discusses their Project Zero for countering zero-day threats. Spyware vendor targets users in Italy and Kazakhstan (blog.google) Your best defence against …
Continue reading “Google Threat Assessment Group tackles smartphone malware”