InformationWeek: The Business Value of Technology

InformationWeek: The Business Value of Technology
e2 Conference & Expo - Boston 2013

Informationweek Influencer

eEyeDigitalSecurity

eEyeDigitalSecurity (@eEye)

Twitter Bio:
eEye is now part of BeyondTrust, the global leader in providing Context-Aware Security Intelligence. Follow us @BeyondTrust
Location:
Carlsbad, CA
Website:
http://www.beyondtrust.com/

eEyeDigitalSecurity's
Network
Ryan Naraine Dave Whitelegg regsecurity DataLossDB Rob Lewis Ars Technica The Verge Jason M Oliver PHYSECTECH Andrew Jaquith Avram Marius (d3v1l) Jack Daniel eEyeDigitalSecurity helpnetsecurity Ben Tomhave Patrik Runald Alan W. Silberberg Dave Piscitello jcran Anita Campbell James Lyne 0x410x410 Webroot Joey Tyson Web Security News Andrew Waite ID Experts ToolsWatch

eEyeDigitalSecurity's Selections From the Web

HackRF Jawbreaker Could Bring Low-Cost Wireless Hacking to the Masses

 |3 Influencers

Generations of hobbyists hardware hackers have spent countless hours messing with piles of radio gear, happily tinkering away in garages and basements looking for new ways to connect to people around the world. Now, a researcher has put together a new radio called HackRF that is a kind of all-in-one hacker's dream with functionality to intercept and reverse-engineer traffic from a wide range of frequencies and sources.HackRF is the work of Michael Ossmann of Great Scott Gadgets, and the idea behind the project was to build a multipurpose transceiver that a user could attach to his computer and use as a "software-defined radio". Ossmann has released

Apple Patches Remote Desktop Flaw
Apple Patches Remote Desktop Flaw

 |2 Influencers

Apple has released a fix for a vulnerability in its Remote Desktop product that could result in sensitive data not being encrypted, even when users have the product configured to send all data in encrypted form. The vulnerability can lead to information leakage and Apple says the issue affects versions 3.0 and later.

The vulnerability in Apple Remote Desktop is fixed by adding an SSH tunnel to the connection, which wraps the connection in an encrypted tunnel.

"Connecting to a third-party VNC server with 'Encrypt all network data' set may lead to information disclosure Description: When connecting to a third-party VNC server with

Newest Java 7 Update Still Exploitable, Researcher Says
Newest Java 7 Update Still Exploitable, Researcher Says

 |3 Influencers

Oracle last week patched the two zero-day vulnerabilities in Java that attackers had been exploiting in targeted attacks, but it didn't take long for researchers to poke more holes in the software. A new bug that allows a complete Java sandbox escape has ben identified already, the latest in what has become a long line of flaws haunting the Java software running on hundreds of millions of machines.Ada Gowdiak, a researcher at Security Explorations, a Polish firm that said it sent more than a dozen security vulnerabilities in Java to Oracle several months ago, said that upon downloading and inspecting the Java 7 update 7 file, he found that one

Scareware and Phishing Scams Play on Windows 8 Launch

 |3 Influencers

Windows 8 isn't yet a week old, but the scammers and phishing crews already are taking their swings at it, setting up new campaigns based on the shiny new operating system. Security researchers have identified a new scareware campaign playing off of the Windows 8 launch, as well as a phishing email trying the same tack.The public release of Windows 8 was just last Friday, Oct. 26, and most people probably haven't even seen the OS in person yet. But that's not stopping the scammers from trying to make a buck off the back of Microsoft's work. This shouldn't come as a surprising development, given that these crews use virtually every major news

SMSZombie Malware Infecting Android Devices, Stealing Money
SMSZombie Malware Infecting Android Devices, Stealing Money

 |5 Influencers

A nasty new piece of malware that has the ability to steal money from users' via fraudulent SMS payments has shown up in a Chinese Android market and researchers say it's infected more than 500,000 victims. The SMSZombie malware is being hidden inside apps on the app market and once it's on a device it has the ability to prevent users from uninstalling it.

TheĀ SMSZombie malware targets Android devices and uses a flaw in the SMS payment system used by China Mobile to forward payments to the attackerĀ without the user's knowledge. Researchers at TrustGo, a mobile security company, found that the malware is hiding inside of various

Get InformationWeek Daily

Don't miss each day's hottest technology news, sent directly to your inbox, including occasional breaking news alerts.

Sign up for the InformationWeek Daily email newsletter

*Required field

Privacy Statement



Upcoming Events

This Week's Issue

This Week's Issue
Back Issues
Must Reads &
IT Trends
Free Print Subscription

Special Issue

Supplemental Issue
Back Issues
Must Reads &
IT Trends

Current Government Issue

InformationWeek Government - May 2013
Back Issues
Must Reads &
IT Trends
In this issue:
  • The Government CIO 25: These influential and accomplished government IT leaders are finding ways to be cost efficient and still innovate.
  • Rethink Video Surveillance: It's not just about networked cameras anymore. New technology provides analytics, automation, facial recognition, real-time alerts and situational-awareness capabilities.
  • Read the Current Issue

Related Whitepapers

 
 
What's this?
More >>

Related Reports

 
 
What's this?
More >>





Video