Google Provides Detailed Analysis of GitHub Attack Traffic

LinuxSecurity.com: The high-profile DDoS attack against GitHub that went on for several days last month was the end result of an operation that included several phases and extensive testing and optimization by the attackers. Researchers at Google analyzed the attack traffic over several weeks and found that the attackers used both Javascript replacement and HTML injections.

From: Linux Security

Share

The Further Democratization of Stingray

LinuxSecurity.com: Stingray is the code name for an IMSI-catcher, which is basically a fake cell phone tower sold by Harris Corporation to various law enforcement agencies. (It’s actually just one of a series of devices with fish names — Amberjack is another — but it’s the name used in the media.) What is basically does is trick nearby cell phones into connecting to it.

From: Linux Security

Share

Paypal Exec Aims to take Biometrics to a Whole New Level: Goodbye Passwords

LinuxSecurity.com: The head of developer advocacy for Paypal and Braintree, Jonathan Leblanc, has an idea that will seem absurd to some, innovative to others and terrifying to still others. The executive of the multi-billion dollar eBay subsidiary suggests in a recent presentation called “Kill All Passwords” that “true integration with the human body” is the way forward.

From: Linux Security

Share

Hacking Airplanes

LinuxSecurity.com: Imagine this: A terrorist hacks into a commercial airplane from the ground, takes over the controls from the pilots and flies the plane into the ground. It sounds like the plot of some “Die Hard” reboot, but it’s actually one of the possible scenarios outlined in a new Government Accountability Office report on security vulnerabilities in modern airplanes.

From: Linux Security

Share

6 Most Dangerous New Attack Techniques in 2015

LinuxSecurity.com: Experts with the SANS Institute convened at RSA Conference for their annual threats panel, this time dishing on the six most dangerous new attack techniques. Led by SANS Director John Pescatore, the panel featured Ed Skoudis, SANS faculty fellow and CEO of CounterHack Challenges, Johannes Ullrich, dean of research for SANS, and Michael Assante, SANS project lead for Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) security.

From: Linux Security

Share

RSAC 2015: RSA Conference (Day 3)

LinuxSecurity.com: For me – today is part two of running the gauntlet with back-to-back meetings; for everyone else today is day three, easily described as the show’s apex. In other words, there’s a lot going on today at the conference, so we’ll start the day with a bit of news.

From: Linux Security

Share