'You have to bake security into the way you’re building the software. You can’t build it and then test for security and then go back and redo the software. Writing it secure the first time is faster.' - Chris Wysopal via re/code
Asymmetrical warfare at it's finest... News, of the United States Navy's deployment this summer - on board the soon-to-be-overhauled USS Ponce [SP-364] - of shipboard energy weapons, in the case, the LaWS system - the first mobile naval coherent light energy weapon system [aka Lasers]. Simply Outstanding.
via We Live Security'sRob Waugh comes this fascinating story of flaws in consumer level routing devices at the most basic levels. Adding the icing to cake, in this matter, is statistical analysis that leads researchers at Tripwire'sVulnerability and Exposure Research Team (VERT) down the rabbit hole of the numbers involved. Current estimates assume 80% of all small office and home routers are flawed. I question the figures, nonetheless the findings are simply astounding.
'The commercial routers used by small businesses are easy prey for such attacks – Tripwire’s security team analyzed Amazon’s 25 best-sellers and found that ‘critical’ vulnerabilities were ‘endemic’. Of the 25 best selling machines,. Tripwire’s team found that 80% of those had security vulnerabilities, and that within that figure, 34% had publicly documented exploits that the firm claims would enable cybercriminals to “craft either highly targeted attacks or general attacks targeting every vulnerable system they can find,” according to a report by International Business Times.' - via We Live Security'sRob Waugh
Maritime drones: A certainty for commercial freight conveyance; yet what are the consequences for the future lest the technology becomes the thrall of nefarious seagoing miscreants? Robotic narcotic submarines and sleeper piratical electro-mechanical 'turks' on the high sea? Mère de Dieu...
via Team Cymru, comes a revelation in leveraged pseudo-bots... In this case, over a quarter million compromised small office/home office routers have been enthralled by just two IP addresses based out of London, England, UK. A fascinating whitepaper, detailing Soho Router Pharming has been published along with news of the discovery by Team Cymru, and is available for download.
ScienceNordic writer Anne Marie Lykkegaard reports academicians at the Technical University of Denmark (DTU) have succesfuly implemented ‘dynamic encryption’ within a telephony application, of which, when configured and utilized correctly may protect that communication. Fascinating, but most likely not a panacea. Todays MustRead.