Recommended reading

The following articles have been curated by USSPI experts and represent information we think is interesting and important. It should be noted that we do not necessarily agree with or endorse the information in these articles, but we do think you’ll benefit from reading them.

Drupal’s security team has released a “public service announcement” calling upon all users of the Drupal content management framework to consider their sites as compromised, and to start afresh, unless their sites were patched against the SQL injection attack revealed two weeks ago within seven hou
Posted on: October 31, 2014 1:27 am
Edward Snowden, left, appears with Glenn Greenwald in a scene from the documentary Citizenfour. (Radius TWC/AP …The FBI has identified an employee of a federal contracting firm suspected of being the so-called “second leaker” who turned over sensitive documents about the U.S.
Posted on: October 28, 2014 3:33 pm
Verizon Wireless has been subtly altering the web traffic of its wireless customers for the past two years, inserting a string of about 50 letters, numbers, and characters into data flowing between these customers and the websites they visit.
Posted on: October 28, 2014 12:26 am
Google today announced it is beefing up its two-step verification feature with Security Key, a physical USB second factor that only works after verifying the login site is truly a Google website.
Posted on: October 23, 2014 2:34 pm
SAN FRANCISCO — Bob Foreman’s architecture firm ran up a $166,000 phone bill in a single weekend last March. But neither Mr. Foreman nor anyone else at his seven-person company was in the office at the time. “I thought: ‘This is crazy. It must be a mistake,’ ” Mr. Foreman said.
Posted on: October 23, 2014 2:34 pm
We in the computer world are all too familiar with what we’ve long called “viruses,” the malware that infects our machines and networks.
Posted on: October 20, 2014 12:59 pm
Responding to the rising number of data breaches at US retailers, President Obama on Friday signed an executive order that will implement enhanced payment security measures throughout the federal government.
Posted on: October 19, 2014 3:57 am
Google’s Security Team revealed on Tuesday that the long obsolete, but still all too used, Secure Sockets Layer (SSL) 3.0 cryptographic protocol has a major security flaw. While SSL 3.0 has been succeeded by Transport Layer Security (TLS) 1.0, TLS 1.1, and TLS 1.
Posted on: October 15, 2014 12:21 pm
For almost a year, a company called Titan has operated a network of advertising beacons, devices that are capable of identifying nearby smartphones and which are often used to push advertisements and information to them, installed within pay phone booths throughout New York City without the knowled
Posted on: October 7, 2014 4:41 pm
AT&T is warning consumers about a data breach involving an insider who illegally accessed the personal information of an unspecified number of users. The compromised data includes Social Security numbers and driver’s license numbers.
Posted on: October 7, 2014 4:41 pm
NEW YORK — For the past two weeks, federal agencies and the executive branch have launched a cacophony of critique of Apple and Google for bolstering the encryption on their users’ smartphones.
Posted on: October 7, 2014 4:41 pm
Europol, Europe’s criminal intelligence agency, has painted a grim picture of threats that will be ushered in alongside the Internet of Things (IoT), even predicting that a death caused by an by internet-connected device may happen within the year.
Posted on: October 7, 2014 4:41 pm
JPMorgan Chase & Co has revealed that the personal information of 83 million accounts were exposed when the company’s computer systems were infiltrated this year, making the data breach one of the largest in history.
Posted on: October 3, 2014 2:36 pm
JPMorgan Chase & Co., the biggest U.S. bank, said a previously disclosed data breach affected 76 million households and 7 million small businesses. Customer names, addresses, phone numbers and e-mail addresses were taken, the New York-based bank said today in a regulatory filing.
Posted on: October 3, 2014 2:36 pm
It’s been just two months since researcher Karsten Nohl demonstrated an attack he called BadUSB to a standing-room-only crowd at the Black Hat security conference in Las Vegas, showing that it’s possible to corrupt any USB device with insidious, undetectable malware.
Posted on: October 3, 2014 2:36 pm
Today, news broke of yet more large-scale credit-card breaches at big-box stores, this time at Albertson’s and Supervalu, grocery chains in the American west.
Posted on: October 2, 2014 10:35 pm
Lacoon Mobile Security has discovered a new ‘advanced’ Chinese iOS trojan targeting jailbroken iPhone users in Hong Kong, linked to a previous Android spyware app currently being distributed among protesters via a link shared on WhatsApp.
Posted on: October 2, 2014 10:22 pm
Four men have been charged with breaking into the computer systems of Microsoft, the US army and leading games manufacturers, as part of an alleged international hacking ring that netted more than $100m in intellectual property, the US Department of Justice said on Tuesday.
Posted on: October 1, 2014 2:10 pm
Visit a Norwegian website and chances are you’ll find it ends in .no – the top level domain for the country. However, the country’s domain name authority UNINETT Norid has two more country code top level domains (ccTLDs) up its sleeve. The pair are .
Posted on: October 1, 2014 1:38 pm
The situation with the Shellshock bug is so fluid and complicated that even insiders have trouble keeping it all straight. These questions and answers may help you to understand the bug — actually “bugs” — and what you should do about them.
Posted on: October 1, 2014 1:38 pm