Stories by Tim Greene

Apple patches iOS against potent zero-day spyware attack

Apple is issuing patches for three iOS zero-day vulnerabilities known as Trident that have been exploited for years by an Israel-based spyware vendor against a human rights activist, an investigative journalist and others.

Startup IDVector anonymizes like Tor

A pair of former defense cyber security contractors is launching IDVector, a service that creates encrypted connections through an anonymizing network to shield users’ identities and locations and to protect their machines from internet-borne attacks.

Cisco, Fortinet issue patches against NSA malware

Customers of Cisco and Fortinet security gear need to check that their versions of specific devices are patched against exploits made public this week as a result of a purported hack of NSA malware.

Snowden: Auction of stolen NSA malware likely political

A public auction of stolen NSA malware may be a warning to the U.S. that blaming Russia for the hack of the Democratic National Committee could have dire consequences, says Edward Snowden, who also famously breached NSA security.

RiskSense lands $7M for assessment service

RiskSense, software-as-a-service that evaluates the security of corporate networks and generates a risk score, has been self-financed since its launch last year, but now has harnessed venture funding to help boost its R&D and hire marketing and sales staff.

Four free tools for handling Amazon Web Services security incident response

Using AWS’s API software developer’s kit or its command line interface, customers can write their own tools for imaging disk instances that have been compromised, say Andrew Krug and Alex McCormack. The pair of researchers presented four tools at Black Hat 2016 that they wrote specifically to deal with incident response in AWS.

FTC seeks research help from DEF CON hackers

The Federal Trade Commission made an appeal at DEF CON in Las Vegas this past week in hopes of getting hackers to help them crack down on manufacturers and service providers that leave customers vulnerable.

Why the ‘cyber kill chain’ needs an upgrade

One of the most popular models for analyzing cyberattacks doesn’t focus enough on what to do after adversaries break into networks successfully, which they inevitably will do, Black Hat 2016 attendees were told this week in Las Vegas.

‘Mayhem’ wins $2M first prize in DARPA Cyber Grand Challenge

Cyber-reasoning platform Mayhem pulled down the $2 million first prize in a DARPA-sponsored Cyber Grand Challenge competition that pitted entrants against each other in the classic hacking game Capture the Flag, never before played by programs running on supercomputers.

Black Hat: Kaminsky says Trump is a troll

Donald Trump is a troll looking to say whatever will stir up the most people, according to security expert Dan Kaminsky, who delivered the keynote at Black Hat today.

Black Hat: Be wary of HTTP/2 on Web servers

Researchers at Black Hat describe finding four flaws – now fixed – in the way the major server vendors implemented HTTP/2, but warn that the year-old Web protocol remains fertile ground for hackers seeking weaknesses in the way it’s rolled out.
