SEARCH
All Articles
Attackers Targeting Vulnerability in Pulse Secure VPN
The CVE-2019-11510 vulnerability in Pulse Secure VPN is drawing considerable attention from attackers now that an exploit is publicly available.
Encryption Experts Asked G7 to Set the Right Example
Encryption experts from around the world collaborated on an open letter to G7 leaders prior to the summit to not undermine encryption. The fact that the G7 leaders didn't release a statement supporting lawful access for law enforcement and intelligence agencies the way the G7 ministers did back in April is a victory of sorts.
Data Shows IoT Security is Moving Backward
An extensive study by the Cyber Independent Testing Lab of IoT device firmware shows many vendors removing hardening technologies over time.
Georgia Supreme Court Considers When Data Breach Victims Can Sue
The Georgia Supreme Court is being asked to decide whether data breach victims have to wait for actual fraud or theft to happen before they can sue to recover the costs spent protecting themselves after a data breach.
Google and Mozilla Block Kazakhstan HTTPS Interception
A month after the Kazakh government began performing HTTPS interception on some of its citizens, Google and Mozilla have blocked that effort by dropping trust for the government's root certificate.
Deciphering Blackhat
Dennis Fisher, Peter Baker, and Zoe Lindsey try to make heads or tails of Blackhat, the movie that envisions hackers as international assassins and spies.
Nation-State Attacks Target Medical Research
It’s not just individual healthcare records or personal information. Espionage groups with Chinese ties are targeting cutting-edge medical research, especially cancer research, FireEye said.
Backdoor Found in Webmin Utility
Last year, an attacker was able to compromise the build system used for Webmin development and inserted a backdoor into the code, which was only revealed this week.
Hacking for Good: The Cult of the Dead Cow and the Rise of Hacker Culture
Members of the Cult of the Dead Cow are joined by fellow hackers and security leaders Dug Song, Katie Moussouris, and Heather Adkins to trace the origins of hacker culture and its lasting influence.
AWS Promises to Scan for Misconfigured Servers
Amazon Web Services will now scan customer environments for potentially misconfigured servers in the wake of Capital One's data breach. Even though many of these cloud-based data breaches weren't the fault of cloud service providers, many are stepping up to detect problems before they become security incidents.
Coordinated Ransomware Attack Hits Texas Government Agencies
More than 20 Texas agencies have been compromised in a widespread ransomware attack.
New Attack Exposes Serious Bluetooth Weakness
The KNOB attack exploits a weakness in how Bluetooth devices negotiate the encryption key, allowing eavesdropping and decryption of communications.
Chrome and Firefox Removing EV Certificate Indicators
In the coming months, Google and Mozilla will remove the Extended Validation security indicators from the browser address bars.
Proposal to Make HTTPS Certificate Expire Yearly Back on the Table
The question about shortening the validity period for TLS certificates is back in front of the CA/Browser Forum again. CAs still oppose it and browser makers are still for it.
Many HTTP/2 Servers Vulnerable to DoS Bugs
A number of HTTP/2 server implementations are vulnerable to eight newly disclosed denial-of-service flaws.