Ripple, a Cryptocurrency Company, Wants to Rewire Bank Authentication
A digital-currency company thinks it can protect the personal information used to perform identity checks in the financial industry.
Companies built around Bitcoin and other digital currencies mostly focus on storing and transferring money. But at least one company is trying to prove that some of the underlying technology can have a much wider impact on the financial industry.
Rapidly scanning the Internet has become vital to efforts to keep it secure.
When a major flaw in the encryption that secures websites was revealed this March, Zakir Durumeric, a research fellow at the University of Michigan, was the first person to know how serious it was. By performing a scan of every device on the Internet, he realized its full potential even before the researchers who had first identified the flaw, known as FREAK.
Google catches bad digital certificates from Egyptian company
Google said Monday an Egyptian company issued digital certificates that could have been used to intercept data traffic to its services, which did not appear to have been abused.
The incident is the latest example of longstanding problems around the issuance of digital certificates, which are used to encrypt data and verify the legitimacy of websites.
Google detected on March 20 that unauthorized digital certificates had been issued for several of its domains by MCS Holdings, a Cairo-based networking and security company, wrote Adam Langley, a Google security engineer.
Samsung will add Microsoft services and let users remove bloatware
Samsung both giveth and (allows users to) taketh away.
The South Korean device maker is, for the first time, giving its customers access to Microsoft services and apps in its newest smartphones and tablets. At the same time, Samsung is allowing customers to strip away apps and bloatware they don’t want on the company’s newest phones.
Recent posts on the XDA Developers Forum indicate that many pre-installed apps on the upcoming Galaxy S6 and Galaxy S6 Edge smartphones can be removed legally and easily. These apps include Gmail, Google + and YouTube; Samsung’s own S Voice and S Health software; and Microsoft’s OneNote, OneDrive and Skype, as reported by Forbes.
New malware program PoSeidon targets point-of-sale systems
Retailers beware: A new Trojan program targets point-of-sale (PoS) terminals, stealing payment card data that can then be abused by cybercriminals.
The new malware program has been dubbed PoSeidon by researchers from Cisco’s Security Solutions (CSS) team and, like most point-of-sale Trojans, it scans the RAM of infected terminals for unencrypted strings that match credit card information—a technique known as memory scraping.
This sensitive information is available in plain text in the memory of a PoS system while it’s being processed by the specialized merchant software running on the terminal.
Security experts have long called for the use of end-to-end encryption technology to protect payment card data from the card reader all the way to the payment service provider, but the number of systems with this capability remains low.