About this blog
We present the latest IT news and tips, and information about our IT courses. Brought to you by Dr. Daniel Wong and Mr. Jude How
Latest news and events
July 2018
M T W T F S S
« Oct    
 1
2345678
9101112131415
16171819202122
23242526272829
3031  
Facebook like box

Posts Tagged ‘security’

A newly revealed Wi-Fi weak spot puts just about every device at risk, from your work computer to the phone in your hand and the laptop you tote to the coffee shop.

What’s especially frustrating is that the attack, called KRACK, could slip in through a vulnerability in a fundamental security protocol.

Here’s a rundown on all the key information.

Click here to read more

Post to Twitter

 

'Password' is no longer the world's worst password, seeks hi-fives to celebrate

 

Since records began, the word ‘password’ has held the dubious honour of being the world’s worst password, but it has finally earned a reprieve, according to new researcher

Click here to read more

Post to Twitter

Almost two-thirds of Malaysians who use smartphones are at a risk of having their personal information stolen, according to an international survey.

The Unisys Security Index showed that only a third knew how to keep their personal data safe when using apps on the devices.

Click here to read more

Post to Twitter

Often, when we try to connect to a machine/server with ssh (for a secure connection), the ssh client will not know if the public key it is receiving is indeed from the machine/server it is intending to establish the ssh connection with, so you will get the infamous message along the lines of

The authenticity of host ‘server.name.com (192.168.1.2)’ can’t be established. RSA key fingerprint is 5a:33:…[a-fingerprint]. Are you sure you want to continue connecting (yes/no)?

You should preferably not blindly say yes unless you can verify the fingerprint. How can this be done?

In the case where the machine/server is on MacOS, and you have some other way to access the machine (e.g., sitting at the machine), you can easily obtain the finger print, since we know:

a) the public key is stored in /etc/ssh_host_rsa_key.pub (at least, in MacOS X 10.4 till at least 10.7, as we checked)

b) ssh-keygen can generate the fingerprint for you

Thus, we can open a terminal window and type

$ ssh-keygen -l -f /etc/ssh_host_rsa_key.pub

to obtain the RSA key fingerprint. Then we can check that it matches the one seen when you try to ssh to the machine.

Post to Twitter

A DUTCH citizen arrested in Spain on suspicion of launching what is described as the biggest cyberattack in internet history operated from a bunker and had a van capable of hacking into networks anywhere in the country, officials say.

The suspect travelled in Spain using his van “as a mobile computing office, equipped with various antennas to scan frequencies”, an Interior Ministry statement said.

Agents arrested him on Thursday in the city of Granollers, 35 kilometres north of Barcelona, complying with a European arrest warrant issued by Dutch authorities.

He is accused of attacking the Swiss-British anti-spam watchdog group Spamhaus whose main task is to halt ads for counterfeit Viagra and bogus weight-loss pills reaching the world’s inboxes.

The statement said officers uncovered the computer hacker’s bunker, “from where he even did interviews with different international media”.

Click here to read more

Post to Twitter

The Australian Federal Police (AFP) has arrested a hacker claiming to be the leader of the Lulz Security (LulzSec) group, after he inadvertently alerted authorities to his presence during an attack.

The 24-year-old — an Australian national from Point Clare, Gosford — attracted suspicion to himself after attacking and defacing an Australian government website. The AFP has not released the name of the individual, but said his online handle was AusShock, and that he is known internationally by other law-enforcement agencies.

Click here to read more

Post to Twitter

CALL FOR PAPERS: submission web site is now open!

**********************************************************************
27th IFIP International Information Security and Privacy Conference
(SEC 2012)
Creta Maris Hotel, Heraklion, Crete, Greece – June 4-6, 2012
http://www.sec2012.org
**********************************************************************

CONFERENCE TOPICS
Papers offering novel research contributions in any aspect of computer
security are solicited for submission to the 27th IFIP International
Information Security and Privacy Conference. The focus is on original,
high quality, unpublished research and implementation experiences.
Submitted papers must not substantially overlap with papers that have
been published or that are simultaneously submitted to a journal or a
conference with proceedings. We encourage submissions of papers
discussing industrial research and development. Papers should focus
on topics which include, but are not limited to, the following:

– Access Control
– Accountability
– Anonymity
– Applied Cryptography
– Attacks & Malicious Code
– Authentication & Delegation
– Awareness & Education
– Data Integrity
– Database Security
– Identity Management
– Information Security Culture
– Formal Security Verification
– Mobile Code Security
– Policies & Standards
– Privacy Attitudes & Practices
– Risk Analysis & Management
– Security Architectures
– Security Economics
– Security in Location Services
– Security in Social Networks
– Security Models
– Social Engineering & other Human-related Risks
– System Security
– Usable Security
– Trust Models & Management
– Trust Theories
– Trustworthy User Devices

After the conference, extended versions of selected papers will
be considered for publication in a major security-focused journal.
Those papers will undergo at least another review round.

Post to Twitter

The International Conference on Cyber Security, Cyber Warfare and Digital
Forensic (CyberSec2012)
University Putra Malaysia, Kuala Lumpur, Malaysia
June 26-28, 2012
http://www.sdiwc.net/CyberSec2012/

========================================================================
The proposed conference on the above theme will be held at University
Putra Malaysia, Kuala Lumpur, Malaysia, From June 26-28, 2012 which aims
to enable researchers to build connections between different digital
applications.

Post to Twitter