With regards to cloud company, Zero-knowledge is a way for allowing the user to encrypt data before it reaches the cloud and leaves the encryption key with the user.
This means that the user is the sole person that can unlock the data since he is the only one who has the key.
Recall for Vaio laptops that may catch fire
Sony has warned that the batteries in its Vaio Fit 11A laptop may catch fire and asked owners to stop using it immediately.
There are 7,158 of these units that were shipped to Europe. If you want to read more about this click this link below.
World’s smallest printer
Would you like to carry your printer wherever you go?Well now you can. Besides all the other devices you can carry with you today, it is also possible to carry a printer with you.
Watering Hole Attacks
Watering hole attacks are attacks to a website made by placing malicious code within a page that will launch an attack on visitors.
Because companies are taking every precaution necessary against malware, it is getting more difficult for hackers to get in.
So instead of forcing their way into secure company employee accounts, they use bait so to speak and prey on employees, encouraging them to go out and bring the hacker into the website themselves.
According to a recent article in the New York Times,
when hackers were unable to breach the computer network at a big oil company, they infected the most popular online menu of a Chinese restaurant with malware. When the workers browsed the menu, they inadvertently downloaded code that gave the attackers a foothold in the vast computer network of their business.
Common Vulnerabilities and Exposures
CVE-2014-0160 is the official reference to this bug
As Caolan Greene just mentioned on his blog Half a million sites are vulnerable, It is otherwise known as the Heartbleed bug.
It allows an attacker can grab 64K of random memory from a server multiple times while he leaves no trace.
Anything can be in that memory location like SSl private keys and user keys. According to Bruce Schneier who has been writing about security issues since 2004, the bug has been patched. Even so he says that “after you patch your systems, you have to get a new public/private key pair, update your SSL certificate, and then change every password that could potentially be affected.”
Barclays Security Breach
According to a report from the Mail on Sunday, as many as 27,000 customer files containing personal and financial information were taken from the U.K.’s second-largest bank, Barclays Plc (BARC).
The information included details on income, savings, mortgages, health issues, insurance policies and passport and national insurance numbers.
The newspaper said “the whistle-blower provided a memory stick containing files on 2,000 customers and had told it that each of the 27,000 files could be sold for as much as 50 pounds ($82)”.
This really shows that there needs to be tighter security within these large organizations.
Digital Forensics Investigation
In digital forensics the process requires two levels of personnel having specialized training and knowledge to deal with their type of work.
A digital forensic technician gathers or processes evidence at crime scenes. The technician needs to be trained on the correct handling of technology.
Then you have examiners who specialize in one area of digital evidence, either at a broad level for example computer or network forensic, or as a sub-specialist that is image analysis.
Digital Forensics
The internet is a big thing today. This is a very useful commodity, but with it’s usefulness it also brings in problems. A lot of people exploit technology for their own ends and almost 80% of crime today has a digital finger print. This is where digital forensics comes in.