It was a morning like lots of others...I was headed to the airport for a week in our home office, so I got an early start, checked on the sheep on the way out (yes, sheep), and got on the road. Aside from being ridiculously early, the ride was uneventful until I got to my exit for the Mass Pike. That's I-90 for those of you outside Massachusetts and, when traffic is good (like at 4:30 in the morning), it's the fastest, easiest way to the airport. And the exit was closed. Well darn. I had Google Maps running, not because I didn't know... [Read More]
by RSS Chris Dawson  |  Sep 28, 2015  |  Filed in: Industry Trends
Recently, Beam Technologies announced it would be creating a dental insurance around its connected toothbrushes. Nest also announced it was teaming up with another insurance company, American Family. As a matter of fact, for the better and the worst, this is exactly the kind of connection which is going to raise interest in hacking and/or infecting connected objects. Insurance Fraud. Imagine a fire started at home because one of your halogen lamps set fire to your curtains in the dining room. But you'd rather blame an issue with your oven... [Read More]
by RSS Axelle Apvrille  |  Jul 09, 2015  |  Filed in: Industry Trends
Today Apple announced at their annual Worldwide Developer's Conference (WWDC) their latest versions of their OS X desktop and iOS mobile operating systems. With this announcement came a long list of new features and technologies that as a whole work towards providing a more seamless experience for users of both their mobile and desktop products. With all of these features though, there are a significant number of privacy and security questions that users should keep in mind should they decide to participate in Apple's newly announced Public Beta... [Read More]
by RSS Richard Henderson  |  Jun 02, 2014  |  Filed in: Industry Trends
Today we published new research that shows where Millennials and Gen-Xers stand in regards to passwords, Online marketing practices, email snooping, and their personal data. Below is an infographic summarizing the highlights. Click here to download the full report [Read More]
by RSS Michael Perna  |  Feb 24, 2014  |  Filed in: Industry Trends
All too often, cyber space seems a vast and unregulated "Wild West," where anarchy is the norm and criminal justice remains by-and-large a concept rarely enforced. What's more, the Internet cloaks cybercriminals under a blanket of anonymity, where they have the ability to take down international governments and large-scale corporations at the touch of a button from any where in the world. It's no secret that the "lawless" nature of cyberspace has become an accepted status-quo - so much so that high-profile cybercrime, international privacy breaches... [Read More]
by RSS Stefanie Hoffman  |  Jan 30, 2014  |  Filed in: Business and Technology
Edward Snowden has revealed new information concerning the cryptographic capabilities of the NSA and GCHQ (TheGuardian, ProRepublica, leaking documents...). The CryptoGirl was bound to look into that topic ;) Let's go straight to the point and answer simple questions. Is cryptography unsecure? No, I don't think so. Basically, cryptography is maths (prime numbers, finite fields, polynomials...), and maths are solid science with proofs and demonstrations. Cryptographic algorithms are only seldom broken (e.g MD5). What's quite often "broken" are... [Read More]
by RSS Axelle Apvrille  |  Sep 06, 2013  |  Filed in: Security Research
Feel free to browse through our Zitmo timeline. Please note that variant naming depends on many factors including but not limited to chronology. Hence variant letters (.A) don't always reflect the order of appearance in the wild. [Read More]
by RSS Karine de Ponteves  |  Nov 19, 2012  |  Filed in: Security Research
I recently tried an amazing browser extension named Datarmine whose goal is to secure social network posts. It works for Facebook, Twitter etc. The idea is that your posts get encrypted, and only people with your secret key can decrypt it. Others see a fake replacement post (that you can choose). This is a post encrypted by Datarmine. The end-user chooses the text which is displayed to people who are not authorized to decrypt it. (Text in French basically says "I am trying Datarmine"). This is the real post, decrypted from the message above. I... [Read More]
by RSS Axelle Apvrille  |  Jul 30, 2012  |  Filed in: Security Research
I had always wanted to look into Firefox OS. It's done. I created my first application. What kind of application does a reverse engineer write as first app? A CrackMe of course. You can try it: the sources are available here. But, honestly, it is really a very (very) simple CrackMe, as my real goal was to get acquainted with Firefox OS, and understand the possible risks in terms of malware. We, anti-virus analysts, won't need disassemblers or decompilers for Firefox OS malware That's cool, isn't it (although part of the mystery of our job is... [Read More]
by RSS Axelle Apvrille  |  Jul 30, 2012  |  Filed in: Security Research
For geeks like me, 1986 was a great year... IBM unveiled their \"PC Convertible laptop\", the [\"first MS-DOS virus, Brain,\"]( was released, and the \"Electronic Communications Privacy Act of 1986 (ECPA)\" was enacted. And, why is this so important? Because 27 years later, laptops, computer viruses and this piece of legislation all impact just about everyone in one way or another. But, this article is about email, privacy and you. What does the ECPA have to do with that? See, back in 1986 servers... [Read More]
by RSS UnAttributed  |  Jul 30, 2012  |  Filed in: Industry Trends