Researchers from the Horst Goertz Institute of the Ruhr-University Bochum in Germany have demonstrated an account hijacking attack against Amazon Web Services that they believe affects other cloud computing products as well. The attack uses a technique, known at XML signature wrapping or XML rewriting, that has been known since…
Researchers break W3C XML encryption algorithm, push for new standard
Researchers in Germany have demonstrated weaknesses in the W3C XML encryption standard used to secure websites and other Web applications. <img alt="Researchers break W3C XML encryption algorithm, push for new standard, Blog, encryption, Researchers, push, break, standard, algorithm"height="0" width="0" border="0" style="display:none" src="http://segment-pixel.invitemedia.com/pixel?code=TechBiz &partnerID=167&key=segment”/><img alt="Researchers break W3C XML encryption algorithm, push…
Tough to fully assess Duqu threat yet, say researchers
As new information about Duqu continues to come out, some experts are starting to question whether the danger posed by the trojan has been exaggerated. The questions stem mainly from the fact that so far, there has been very little information about Duqu’s true purpose. Symantec, which released a report…
Stonesoft researchers evade enterprise IPS network protection
Finnish security firm Stonesoft claims to have developed 163 new attack methods that can evade network intrusion detection and prevention systems (IPS) over multiple communication protocols including IPv4, IPv6, TCP and HTTP. The company calls these methods advanced evasion techniques (AETs), a term it coined last year when it released…
German Researchers Break RFID Smartcard Encryption
Article source: http://feedproxy.google.com/~r/TheHackersNews/~3/we5xtPdDvFE/german-researchers-break-rfid-smartcard.html View full post on National Cyber Security » Computer Hacking
Researchers ‘hack’ e-voting system for US presidential elections
Researchers at the Argonne National Laboratory this week showed how an electronic voting machine model that’s expected to be widely used to tally votes in the US 2012 elections can be easily hacked using inexpensive, widely-available electronic components. Roger Johnston, head of the Vulnerability Assessment Team at the US Department…
Researchers to Demonstrate Flaw in Browser Security Protocol (September 19, 20 & 21, 2011)
A pair of researchers has cracked a ubiquitous browser encryption protocol……. View full post on SANS NewsBites View full post on National Cyber Security Gregory Evans | LinkedIn Interview With Gregory Evans Gregory Evans Security Expert Gregory Evans on Cyber Crime
Researchers find Mac OS X malware posing as PDF file
Researchers at F-Secure have discovered a Mac OS X malware file masquerading as a PDF file to lure users into installing a backdoor trojan. The malware, flagged as a trojan dropper, installs downloader component that downloads a backdoor program onto the system, while camouflaging its activity by opening a PDF file to…
AES encryption vulnerable to attack, claim Microsoft researchers
Researchers from Microsoft and the Katholieke Universiteit Leuven have discovered a way to break the widely used Advanced Encryption Standard (AES), the encryption algorithm used to secure most all online transactions and wireless communications. The attack can recover an AES secret key three to five times faster than previously thought…
ATMs open to thermal imaging attack, researchers confirm
Researchers have documented a method for working out ATM PIN numbers using residual traces of heat left on keypads after they have been touched by a person’s fingers. The technique described (note: slow download) by Keaton Mowery, Sarah Meiklejohn and Stefan Savage of the University of California at San Diego…