November 25, 2016 - Lars Birkeland
Tesla cars can be stolen by hacking the app

Our researchers have demonstrated that because of lack of security in the Tesla smartphone app, cyber criminals could take control of the company’s vehicles, to the point where they can track and locate the car in real-time, and unlock and drive the car away unhindered. Such a hack gives criminals total control of the vehicle, providing additional functionality to that exposed by Keen Security Labs in a different hack in… Read more


November 15, 2016 - Lars Birkeland
A total of 89 per cent of users wouldn’t know if their mobile device had been cyber attacked

A recent survey by app security specialist Promon has revealed that mobile users are massively unaware of cyber threats, with an overwhelming 89 per cent of respondents admitting they wouldn’t know if their device has been infected through a cyber attack. Users’ lack of awareness of mobile threats presents a significant challenge for businesses across every sector, meaning companies need to take extra steps to secure their customers’ data. Avoiding… Read more


stop-think-connect

Too often security experts and security companies focus on the business to business (B2B) or business to government markets (B2G).  STOP. THINK. CONNECT.™ is the global online safety awareness campaign to help all digital citizens stay safer and more secure online addressing the consumer. Last month, the White House and the National Cyber Security Alliance (NCSA) launched “Lock Down Your Login,” a STOP. THINK. CONNECT.™ Initiative.  “We were basically approached by… Read more


unsafeapp

The silent nature of all mobile attacks is what makes them so damaging. Sadly, users are still their own worst enemy as they are not taking the safeguards to help protect themselves in digital mobile market today. As reported by Infosecurity Magazine, today, only 45% report locking their phone with a pin, password or biometric. Yet 83% of consumers are extremely, very or somewhat concerned about Identity theft in America… Read more


Convenience Over Security is Often Not the Best Policy

Now NIST says SMS authentication is a “no-go” Forget your password?  No problem, just click “reset password” to receive a one-time code sent via SMS to your registered mobile phone.  From there you can create a new password to access your account. Inexpensive and Convenient?  Absolutely! Secure?  Maybe. Well, for federal agencies, “maybe” does not make the grade when it comes to security and the National Institute of Standards and… Read more


How to win Pokémon Go (by cheating)

What RASP can do for your app The hottest game in the market today is the new release Pokémon Go, developed by Niantic.  The game forces you to go outside and interact with the real world (in a safe manner, hopefully).  As you walk around, Pokémon appear and allow you to toss Pokéballs at them in an attempt to catch them all.  The more you walk the more you can… Read more


August 8, 2016 - John Gunn
5 Ways That DEF CON Totally Owned Black Hat

The world’s most influential IT security gatherings just concluded and it was bigger and badder than ever. It is magnificently convenient that the two most important conferences, Black Hat and DEF CON, happen the same week in the same city. For two confabs serving the same industry, you won’t find two more distinctly dissimilar events anywhere else. While the overlap in audience is huge (it seemed like every attendee at… Read more


SMS is insecure, and is no longer suitable as a strong authentication mechanism.

The news is in that the National Institute of Standards and Technology has finally stated what both security professionals and hackers alike have known for years: SMS is insecure, and is no longer suitable as a strong authentication mechanism.  SMS Messages are not protected from the wrong eyes seeing them, and there is no assurance that they will actually go to the intended recipient.  So everyone knew this day was… Read more


eIDAS smart card

Now that the eIDAS Regulation is in full effect, the ease of cross-border digital business is a reality in the EU. The new Regulation comes at an opportune time to make trusted communications between businesses, citizens and public authorities easier in Europe – removing the previous hurdles and fragmented legal frameworks from the Regulation’s predecessor, the EU Directive. Many people believed that the Directive mandated the use of the Qualified… Read more


eIDAS: Making Cross-border Digital Business a Reality – Today

A new e-signature Regulation in the European Union comes into effect today, July 1, 2016, which will have an immediate and positive impact on cross-border commerce across Europe. Replacing the existing EU Directive, Electronic Identification and Trust Services for Electronic Transaction (eIDAS) now uniformly recognizes all forms of e-signature – regardless of local interpretation – making it easier to do business across the continent and creating a single, digital market…. Read more