Feed aggregator

BlackBerry Updates Products Affected by Heartbleed

Threatpost for B2B - Tue, 05/13/2014 - 16:12
BlackBerry released an advisory today that its updates are available for its products affected by the Heartbleed OpenSSL vulnerability.

Iranian Hackers Target US Defense Contractors

Threatpost for B2B - Tue, 05/13/2014 - 14:07
The Ajax Security Team of Iran has been linked to attacks against the U.S. defense industrial base and Iranian dissidents inside and outside of the country, FireEye said.

SMTP STARTTLS Deployments Better than Expected, Facebook Says

Threatpost for B2B - Tue, 05/13/2014 - 13:30
Facebook dug into the prevalence of SMTP STARTTLS deployments for email encryption and found that 58 percent of messages are sent encrypted and certificate validation happened without a hitch.

Bitly Developing Two Factor Authentication Following Compromise

Threatpost for B2B - Tue, 05/13/2014 - 12:45
Link-shortening service Bitly announced that it’s ramping up its development of two-factor authentication following a compromise that leaked user information on Thursday.

Another DNS Provider Targeted in DDoS Attack

Threatpost for B2B - Mon, 05/12/2014 - 15:35
DNS providers PointDNS is back online after mitigating a massive DDoS attack last week.

Regulators Planning Cybersecurity Assessments for Banks

Threatpost for B2B - Mon, 05/12/2014 - 14:45
The Federal Financial Institutions Examination Council (FFIEC) announced last week that it will work harder to try to identify vulnerabilities in smaller community banks and is planning to better raise awareness when it comes to cyber threats.

Researchers Quantify Fake Certificates Used in SSL Connections

Threatpost for B2B - Mon, 05/12/2014 - 13:20
Engineers at Facebook and Carnegie Mellon University quantified the number of forged certificates used in 3.5 million SSL connections with Facebook during a four-month period.

Points of Sale Poorly Secured, Facing Sophisticated Attacks

Threatpost for B2B - Mon, 05/12/2014 - 12:31
As the sophistication and deployment of PoS malware increases, organizations struggle to defend against even simple attacks.

IBM Patches Predictable Output Problem in SecureRandom PRNG

Threatpost for B2B - Fri, 05/09/2014 - 14:56
A researcher at Cigital has published details on recently patched vulnerabilities in IBM's SecureRandom PRNG that could have allowed an attacker to predict its output.

Threatpost News Wrap, May 9, 2014

Threatpost for B2B - Fri, 05/09/2014 - 13:08
Dennis Fisher and Mike Mimoso discuss the major news stories of the last couple of weeks, including the proposal in TLS 1.3 to drop RSA key transport, the Snapchat FTC settlement and the end of Windows XP support. And no Heartbleed talk!

Bitly Compromised, Users Urged to Change Passwords

Threatpost for B2B - Fri, 05/09/2014 - 12:02
Link shortening service Bitly informed its users that it believes user credentials – passwords, API keys and OAuth tokens – have been compromised.

Twitter Upgrades Account Security Features

Threatpost for B2B - Fri, 05/09/2014 - 10:41
Twitter has made a couple of changes to the service’s login process to help prevent account takeovers and enable users to reset their passwords in a simpler way. A Twitter account is among the more valuable assets for an attacker who is targeting a specific person. Accounts typically are tied to a user’s main email […]

Digi ICS Gateways Vulnerable to Heartbleed OpenSSL Bug

Threatpost for B2B - Fri, 05/09/2014 - 09:56
Industrial control system wireless gateways from Digi International are vulnerable to Heartbleed, ICS-CERT warns. The vendor has firmware upgrades available and urges immediate updates.

Microsoft to Patch IE Again Next Week; Adobe to Clean Up Reader, Acrobat

Threatpost for B2B - Thu, 05/08/2014 - 15:48
Microsoft will patch Internet Explorer again one week after an out-of-band patch for a zero-day vulnerability in the browser.

Health and Fitness Apps Poor at Protecting Privacy, FTC Says

Threatpost for B2B - Thu, 05/08/2014 - 14:36
A study conducted by the Federal Trade Commission looked at 12 different health apps and found they sent user information to 76 different third parties.

Snapchat Settles With FTC Over Privacy and Security Concerns

Threatpost for B2B - Thu, 05/08/2014 - 14:20
Snapachat, the maker of the popular video and photo chat app, has agreed to settle charges by the Federal Trade Commission that the company misrepresented the supposedly ephemeral nature of the messages users send and failed to take adequate security precautions with the data it collects, leading to a data breach earlier this year that […]
Syndicate content