Posted 28 Oct 2015 | Comments Off on Bleep User Privacy Compromised? | 777 views
bleep-permissions

Bleep, the private messaging app billed as no personal info required, has laid the foundation for tracking its users. The latest version in the Play store (version¬†1.0.753) requires Identity and Profile privileges on Android phones. When a user …

Read the full story »
Defense In Depth | Posted 11 Jan 2015 | Comments Off on Microsoft Limits Advanced Notifications | 1,370 views
Microsoft Windows Logo

According to a recent blog post, Microsoft will be limiting access to its Advanced Notification Service. ANS provides customers with a heads up of the upcoming patches, which allows them to schedule changes and maintenance windows. Chris Betz wrote …

Communications | Posted 5 Jan 2015 | Comments Off on Gogo Caught Forging SSL Certificates | 1,298 views
Gogo SSL Forgery

Inflight internet connectivity provider Gogo has been caught forging SSL certificates and serving them to their customers. Flyer Adrienne Porter Felt tweeted a screenshot of the a forgery for Google. Her tweet: hey @Gogo, why are you issuing *.google.com certificates

In Other News | Posted 4 Jan 2015 | Comments Off on Clock Runs Out on Microsoft Zero Day | 1,546 views
keyboard

Microsoft failed to patch a zero day exploit before the automatic 90 day clock ran out. A research submitted a privilege escalation vulnerability in Windows 8.1 to Google’s Project Zero. The bug allows a local user to trick a …

Communications | Posted 30 Dec 2014 | Comments Off on How secure is your wearable? | 1,186 views
Youtube Video

We know that common passwords are relatively easy to brute force. Now imagine that you are forced to use a 6 digit number for your password. How long would it take someone to get your password?

Security company Bitdefender has …

Defense In Depth | Posted 28 Dec 2014 | Comments Off on Ready for PCI DSS 3.0? | 1,102 views
Lock Panel

Credit card data breaches are be becoming more prevalent in the news. Breaches result in lost time, money, and reputation for everyone except the hacker. Vigilance is critical.

Vendors have until January 1st to be compliant with the latest PCI …

In Other News | Posted 28 Nov 2014 | Comments Off on Uber’s Privacy Problem | 1,101 views
uber-permissions-cropped

Uber recently blogged about their privacy policy. They claim to use the info they collect for a limited set of legitimate business purposes. When installing the Uber app on Android, the app requests access to the user’s camera, …

Communications | Posted 28 Oct 2014 | Comments Off on AT&T’s New Tracking System | 1,157 views
AT&T Filler Panel

AT&T is testing a new relevant advertising system. It works by providing a unique identifier to every website that you visit on your cell phone.¬† Kenn White has created a test page to verify the presence of the UID. AT&T …

In Other News | Posted 21 Oct 2014 | Comments Off on Windows Zero Day | 1,143 views
Microsoft Windows Logo

Microsoft has published an advisory for a Windows 0 day exploit. The exploit is related to the Object Linking and Embedding (OLE) functionality in Windows. OLE functions allow files or data from one file to be embedded into another document …