Wednesday, March 06, 2013

"Hey guy, please approve my hacking attempt" and Other Stuff 3/6/2013

Infoworld - Criminals are now making you approve their efforts to rip you off.
Security researchers warn that cybercriminals have started using Java exploits signed with digital certificates to trick users into allowing the malicious code to run inside browsers.
This is important because, starting with update 11, Java security is set to high by default, which forces a user to approve the running of Java applets. An unsigned applet is handled differently than a signed one: it will not run at all if the Java security setting is very high, even if the user approves it. Signed applets will run. Another difference is the appearance of the warning dialog: for unsigned applets it is a confirmation box that plainly states "Security Warning".

Just another reason to be careful in approving anything that you download.

http://www.infoworld.com/d/security/cybercriminals-using-digitally-signed-java-exploits-trick-users-213914

Ars Technica - 3D Printer Technology being put to the best of use, Bongs!!!!!

Don't smoke anything myself, too many years in the Military and too many seriously f**ked up stoner friends but I am sure that somewhere out there someone is saying a little prayer of thanks at being able to inhale their weed through Mario's pubic region.

http://arstechnica.com/gadgets/2013/03/download-this-bong-3d-printer-templates-for-getting-your-buzz-on/

via Hacker News - Steve Wozniak's letter to a Korean high school student

Some decent advice in there.

http://yeonhoyoon.tumblr.com/post/44682321591/letter-from-steve-wozniak-to-a-high-school-student-in

The Carter Center - Jimmy Carter's gracious letter regarding the death of anti-American dictator Hugo Chavez.

Will he be as gracious when either of the Bushes dies?  I doubt it.

http://www.cartercenter.org/news/pr/hugo-chavez-030513.html

SANS News Bites - Cybersecurity Bubble Bursting Among Government Contractors

In what has to be one of the most hilarious examples of naivete that I have seen in quite a while, the editors of SANS write:
(Editor's Note (Paller): So far nearly all the layoffs have been in the business development and management layers. These were caused by competition and resulting price pressure. Under Sequestration however, as agencies look for savings and find the $1 billion each year they had been spending on consultants for cybersecurity hadn't made them any safer, they will cut back on the soft-skilled NIST-FISMA report-writing consultants while retaining the ones with "specialized [technical] skills.")
Please, everyone knows that the paperwork must flow. The report writers will be the last to go, ruling the earth with the cockroaches after Armageddon. The dirty little secret of any organization is that as long as you get some sort of justification down on paper, almost any lapse can be forgiven. That is why report writers are so valuable. They can delay the spending of money on the actual work.

http://www.sans.org/newsletters/newsbites/newsbites.php?vol=15&issue=18#sID200
