Simple.Concise.On-Target
What more do you want (or need, for that matter), in an astute and equally important - truthful - examination of what makes those pesky Rooskies tick. In this case, personified by that old KGB spymaster Putin. Today's Must Read.
Phishing Phish, Unicode Style →
Graham Cluley, writing at his eponymous blog, educates us in protecting the browser from Unicode Phishing Attacks. Today's MustRead.
SAML Flaws Discovered With SSO Implications →
Kelby Ludwig - writing at Duo Lab's has just posted a fascinating blog entry detailing their recent discovery of SAML vulns potentially affecting a range of implementations and deployments. In this case, the vulnerability appears to be a zero knowledge scenario (of the attributes of the target's password). H/T
"This blog post describes a new vulnerability class that affects SAML-based single sign-on (SSO) systems. This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim user’s password. - via Duo Lab's Kelby Ludwig
Oops.
Printer Vectored Network Attacks Gives New Meaning To Paper Jams →
Seemingly yearly, we see new printer vectored network attacks due to slovely written code in the printer or the offending machine's drives. Here's the latest debacle courtesy of Hacker Noon on their Medium blog.
'Hacking unsecured printers is easy. Unfortunately, according to a Spiceworks survey only 16% of IT industry respondents think printers are at high risk of a security breach! 43% of surveyed companies ignore printers in their endpoint security approach. Well, what adminstrators don’t know will hurt them. Corporations invest in securing their computing devices. Why not printers?' - via Hacker Noon on Medium
Bob and Alice Meet The Ultimate Firewall →
Not the Alice and Bob we know running and frolicking along and about various and sundry paths to Security Nirvana, oh no me prtetties, but the Alice and Bob of mathematics, blackholes, paradoxes and whatnot... Examine - if you will - what happens when the pair meet the ultimate firewall - Today's Must Read.
Steve Sack's 'Russian Troll' →
via Cagle.com comes this thought-provoking editorial cartoon entitled 'Russian Troll'by the eponymous Steve Sack.
What, Me Worry? Car Data, Where Does It Go... →
Where does all of that data gathered by car manfacturers while we drive? Perhaps Jonathan M. Gitlin, reporting for everyone's beloved Ars Technica can fulfill that data request in a speedy manner! Shouldn't the driver/owner of the vehicle make that decision? Enjoy.