Home » Archive

Articles in the In Other News Category

Featured, In Other News | Posted 12 Jan 2015 | Comments Off on Obama Proposes 30 Day Hack Notification | 1,968 views
Secure Data

President Obama is pushing new legislation called the Personal Data Notification and Protection Act. This law, if enacted, will standardize the consumer notification requirements in the event of data breach. Under the law, companies would be required to notify …

Featured, In Other News | Posted 6 Jan 2015 | Comments Off on Moonpig API Exposes Customer Info | 8,562 views

Security researcher Paul Price discovered a flaw in the API used by UK greeting card company Moonpig. Their API does not require authentication and exposes customer account details.  He notified them of his findings in August 2013. After 17 months, …

In Other News | Posted 4 Jan 2015 | Comments Off on Clock Runs Out on Microsoft Zero Day | 2,126 views

Microsoft failed to patch a zero day exploit before the automatic 90 day clock ran out. A research submitted a privilege escalation vulnerability in Windows 8.1 to Google’s Project Zero. The bug allows a local user to trick a …

In Other News | Posted 28 Nov 2014 | Comments Off on Uber’s Privacy Problem | 1,467 views

Uber recently blogged about their privacy policy. They claim to use the info they collect for a limited set of legitimate business purposes. When installing the Uber app on Android, the app requests access to the user’s camera, …

In Other News | Posted 21 Oct 2014 | Comments Off on Windows Zero Day | 1,529 views
Microsoft Windows Logo

Microsoft has published an advisory for a Windows 0 day exploit. The exploit is related to the Object Linking and Embedding (OLE) functionality in Windows. OLE functions allow files or data from one file to be embedded into another document …

In Other News | Posted 21 Oct 2014 | Comments Off on Did the DEA go too far? | 1,203 views
Facebook Filler Panel

Sondra Arquiett was busted for possession of cocaine.  She pled guilty and received probation.  She later discovered that the DEA opened a Facebook account in her name and was impersonating her online.  The DEA went so far as to post …

In Other News | Posted 21 Oct 2014 | Comments Off on Android Malware Delivered Via Stego | 985 views

Help Net Security is reporting that malware can be delivered to an Android device via steganographic techniques.  The exploit works by disguising the malware in an encrypted image file. Some obfuscated code is included in the APK to extract the …

In Other News | Posted 14 Mar 2013 | Comments Off on NVD Down Due To Malware | 4,273 views

Ironically, the US National Vulnerability Database is down due to malware on the servers. The NVD serves as a tool that allow system administrators to identify potential problem with operating systems and software that is being run on servers. The …