recentpopularlog in

CYBERSECURITY

« earlier   
Your USB Serial Adapter Just Became a SDR | Hackaday, Dec 2018
"With a Python script, a length of wire attached to the TX pin, and a mastery of the electron that we mere mortals can only hope to achieve, [Ted] has demonstrated using a common USB to serial adapter as an SDR transmitter."
hacking  SDR  cybersecurity  USB  RF 
3 days ago by pierredv
Teaching Cybersecurity Law and Policy: My Revised 62-Page Syllabus/Primer - Lawfare
Cybersecurity law and policy is a fun subject to teach. There is vast room for creativity in selecting topics, readings and learning objectives. But that same quality makes it difficult to decide what to cover, what learning objectives to set, and which reading assignments to use. 

With support from the Hewlett Foundation, I’ve spent a lot of time in recent years wrestling with this challenge, and last spring I posted the initial fruits of that effort in the form of a massive “syllabus” document.  Now, I’m back with version 2.0.
policy  cybersecurity  syllabus 
4 days ago by wck
SSL/TLS inspection (MITM proxy) : networking
Chrome does not perform pin validation when the certificate chain chains up to a private trust anchor. A key result of this policy is that private trust anchors can be used to proxy (or MITM) connections, even to pinned sites. “Data loss prevention” appliances, firewalls, content filters, and malware can use this feature to defeat the protections of key pinning.

We deem this acceptable because the proxy or MITM can only be effective if the client machine has already been configured to trust the proxy’s issuing certificate — that is, the client is already under the control of the person who controls the proxy (e.g. the enterprise’s IT administrator). If the client does not trust the private trust anchor, the proxy’s attempt to mediate the connection will fail as it should.
chrome  cybersecurity  tls  mitm  ssl  network  monitoring 
4 days ago by bwiese
Twitter
RT : We’ve been working on whole-of-government incident response plans. outlines the princ…
cybersecurity  from twitter
5 days ago by kcarruthers
The Coming Software Apocalypse - The Atlantic
A small group of programmers wants to change how we code—before catastrophe strikes.
Software  atlantic  hacking  cybersecurity 
5 days ago by jorgebarba
Starwood Reservation Database Security Incident Dec 2018
Marriott has taken measures to investigate and address a data security incident involving the Starwood guest reservation database. This site has information concerning the incident, answers to guests’ questions and steps you can take.
hacking  cybersecurity  Starwood  Marriott 
5 days ago by pierredv
Road Map: Building a More Resilient Internet | National Telecommunications and Information Administration
"... the Departments of Commerce and Homeland Security have developed a road map that charts a path forward, setting out steps to stop the cyber threat to our internet infrastructure."

"The road map is organized into five lines of effort -- Internet of Things, Enterprise, Internet Infrastructure, Technology Development and Transition, Awareness and Education – that include tasks aligned with the actions prescribed in the Botnet Report."
NTIA  cybersecurity  resilience  Internet  DHS  DoC 
5 days ago by pierredv

Copy this bookmark:





to read