- Social Engineering Attack I: The website of “The New York Times” was unavailable on Wednesday morning. According to KrebsOnSecurity a sophisticated phishing attack against newsroom reporters led to hacking of the site.
- Social Engineering Attack II: “Outbrain” who provides link recommendation services to Washington Post, CNN and the Time Magazine faced a security breach this week. As a consequence links on the sites redirected readers to the website of the Syrian Electronic Army (SEA). According to Outbrain, a phishing email was sent to all employees at Outbrain purporting to be from Outbrain’s CEO. It led to a page asking Outbrain employees to input their credentials to see the information.
- NSA surveillance: Lavabit and Silent Circle shut down their encrypted email services. Read interviews of Silent Circle CEO Michael Janke to discover the inside story and Lavabit founder Ladar Levison and his lawyer. Also here’s an interview of PGP inventor and Silent Circle co-founder Phil Zimmermann on the surveillance society.
- IT Threat Evolution: Kaspersky published their IT Threat Report for Q2/2013.
- The City of London stops smartphone tracking recycle bins. The bins which are located in the Cheapside area of central London, logged the MAC address of individual smartphones.
- Web Application Security: Are attackers dot-dot-slashing their way into your data? Directory traversal (or Path traversal) attacks are too old and too simple to mention? According to recent Web Application Attack Reports, they still make up more than 30 percent of the attacks against web applications.
IT-Security-Links #34
SWITCH Security-Blog 