Silensec Newsletter

Top News

GCHQ wants to set your passwords. In a good way

Britain's spy agency the GCHQ has changed its password security guidance in a new document offering sensible advice that, if followed, should harden systems and make life easier for admins and users.

The guidance advocates a ban on password strength meters, mandatory resets, and predictable combinations, instead encouraging brute force rate limiting and reduced access controls. The report busts old and damaging myths too; kill the horrible mandatory password reset and instead force changes only in the event of a possible security breach. Read more...

 

Lockpickers 3-D Print TSA Master Luggage Keys From Leaked Photos!

 The TSA is learning a basic lesson of physical security in the age of 3-D printing: If you have sensitive keys—say, a set of master keys that can open locks you’ve asked millions of Americans to use—don’t post pictures of them on the Internet.
University of Pennsylvania computer science professor and noted lock picker Matt Blaze says that the photo leak and subsequent 3-D printing demonstration does show just how quickly a theoretical slip-up can turn into a real security compromise.
Read more...

 

Read more...
Top News

Stingray stung: FBI told 'get a warrant'

The US Department of Justice has moved to quell the ongoing row over the use of IMSI-catchers like Stingray, with a new policy that requires a warrant before they're deployed. The policy is designed to “establish a higher and more consistent legal standard and increase privacy protections” for the use of cell-site simulators.

The policy takes effect immediately and applies across all DoJ agencies.

The policy also addresses the understandable fear that anyone's cellphone use could be caught by the devices, merely because they happened to be in the same place at the same time as a Stingray was in use. Read more...

 

26 Android Phone Models Shipped with Pre-Installed Spyware!

 A new report claims that some rogue retailers are selling brand-new Android smartphones loaded with pre-installed software. Security firm G Data has uncovered more than two dozens of Android smartphones from popular smartphone manufacturers — including Xiaomi, Huawei , Lenovo , Alps, ConCorde, DJC, Sesonn and Xido — that have pre-installed spyware in the firmware.

The pre-installed spyware, disguised in popular Android apps such as Facebook and Google Drive, can not be removed without unlocking the phone since it resides inside the phone's firmware.
Read more...

 

Read more...
Top News

Google makes it official: Chrome will freeze Flash ads on sight from Sept 1

Google is making good on its promise to strangle Adobe Flash's ability to auto-play in Chrome. The web giant has set September 1, 2015 as the date from which non-important Flash files will be click-to-play in the browser by default – effectively freezing out "many" Flash ads in the process.

Netizens can right-click over the security-challenged plugin and select "Run this" if they want to unfreeze an ad. Otherwise, the Flash files will remain suspended in a grey box, unable to cause any harm nor any annoyance. Back in June, Google warned that, in cooperation with Adobe, it would change the way Flash material is shown on websites. Read more...

 

Ashley Madison: 'Suicides' over website hack

 Two individuals associated with the leak of Ashley Madison customer details are reported to have taken their lives, according to police in Canada. The police in Toronto gave no further information about the deaths. Ashley Madison's Canadian parent company Avid Life Media is offering a C$500,000 (£240,000) reward for information on the hackers, they added.

Details of more than 33m accounts were stolen from the website, which offers users the chance to have an affair.
Read more...

 

Read more...

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed