As its name implies, it uses Bluetooth Low Energy (BLE) to communicate with an Android Glamoriser app and, as with a growing number of previously dumb and perfectly satisfactory consumer products, it’s SMART – by now most readers will know what’s coming next. Correct: Pen Test Partners researcher Stuart Kennedy found enough weaknesses to remotely override the product’s chosen temperature setting as someone is using it. Writes Kennedy: For instance, if somebody was using the straighteners at 120°C and had a sleep time of say 5 mins after use, you could change that to 235°C and 20 mins sleep time.
Two years after promising to report all HTTP-based web pages as insecure, Mozilla is about to deliver. Soon, whenever you visit one of the shrinking number of sites that doesn’t use a security certificate, the Firefox browser will warn you.
Passpie is a command line tool to manage passwords from the terminal with a colorful and configurable interface. Use a master passphrase to decrypt login credentials, copy passwords to clipboard, syncronize with a git repository, check the state of your passwords, and more.
Cloud adoption is on the rise: According to International Data Corporation (IDC)’s “Nine Ways to Maximize the Value of Cloud Contracts,” 52 percent of all companies are currently using cloud-based delivery models and an additional 27 percent have firm plans to implement cloud solutions within the next 12 months. However, despite the interest in moving to the cloud, companies still struggle with negotiating contracts for cloud-based services. A lack of transparency and formally defined accountability for security from cloud vendors contributes to customer anxiety.
PyPI is the official third-party software repository for Python and a great source of open source libraries and modules for implementing common functionalities. Unfortunately, if a malicious component ends up on it, chances are many developers will download and implement it before it is discovered and removed from the repository.
A 20-year-old man from the Netherlands accused of building and selling Office macro malware was arrested Wednesday. The Dutch National Police’s Office of the Team High Tech Crime (THTC) unit claimed the unnamed bloke, cuffed while on his computer as cops swooped on his home, was responsible for building, selling, and supporting the Rubella, Cetan, and Dryad malware kits.