Security: Updates, IPSec, Elections, AWS and Surveillance
-
Security updates for Wednesday
-
Cisco, Huawei, ZyXel, and Huawei patch Cryptographic IPSEC IKE Vulnerability
-
11-year-old shows it’s child’s play to mess with elections
At the DefCon Voting Village in Las Vegas last year, participants proved it was child’s play to hack voting machines: As Wired reported, within two minutes, democracy-tech researcher Carsten Schürmann used a novel vulnerability to get remote access to a WinVote machine.
This year, it was literally child’s play: the DefCon village this past weekend invited 50 kids between the ages of 8 and 16 to compromise replicas of states’ websites in the so-called “DEFCON Voting Machine Hacking Village.”
-
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Both adult and kid hackers demonstrated at DEF CON how the hackable voting machine may be the least of our worries in the 2018 elections.
Two 11-year-old budding hackers last week at DEF CON in Las Vegas used SQL injection attack code to break into a replica of the Florida Secretary of State's website within 15 minutes, altering vote count reports on the site.
Meanwhile, further down the hall in the adult Voting Machine Hacking Village at Caesars Palace, one unidentified hacker spent four hours trying to break into a replica database that housed the real, publicly available state of Ohio voter registration roll. He got as far as the secured server — penetrating two layers of firewalls with a Khali Linux pen testing tool — but in the end was unable to grab the data from the database, which included names and birthdates of registered voters.
-
How Netflix Secures AWS Cloud Credentials
Netflix has long been the poster child for being an "all-in-the-cloud" organization. The streaming media service relies on Amazon Web Services (AWS) for infrastructure and computing resources that it uses to operate.
-
Researchers Reveal Security Vulnerabilities in Tracking Apps
Millions of users around the world regularly install tracker apps on their Android devices to help them keep track of friends and loved ones. Some of those tracker apps, however, contain vulnerabilities that could potentially enable an attacker to track the users of the apps.
Researchers from the Fraunhofer Institute for Secure Information Technology detailed 37 vulnerabilities found in 19 mobile tracking apps in a session at Defcon in Las Vegas on Aug. 11. The researchers responsibly disclosed the flaws to Google and noted that, as of the time of their presentation, 12 of the apps had been removed from the Google Play store, leaving seven still publicly available and vulnerable.
"In this project it was very easy to find vulnerabilities," security researcher Siegfried Rasthofer said. "There were no sophisticated exploits."
- Login or register to post comments
- Printer-friendly version
- 3225 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago