Feed aggregator

Chrome Canary Bug Hides URLs A Little Too Well

Threatpost for B2B - Wed, 05/07/2014 - 12:56
A bug in the developer and early adopter version of Google Chrome called Canary fails to display URLs of a certain character length, potentially facilitating phishing attacks.

CryptoLocker Ransomware Moves to Android

Threatpost for B2B - Wed, 05/07/2014 - 10:55
The CryptoLocker ransomware has been wreaking havoc on desktops for months now, demanding that victims pay hundreds of dollars in exchange for the key to decrypt their locked hard drives. Now the malware is expanding its scope, adding the Android platform to its targets. The new mobile version of the malware is being sold by […]

Experts Praise, Express Concern for Revised USA Freedom Act

Threatpost for B2B - Tue, 05/06/2014 - 14:19
House Judicial Committee issues revisions to the USA FREEDOM Act, which will impose limits on the NSA's ability to perform surveillance and spying.

Privacy Coalition Calls For Net Reset in June

Threatpost for B2B - Tue, 05/06/2014 - 14:15
A new alliance composed of privacy and digital rights advocates are encouraging internet users to block mass surveillance and fight back against the National Security Agency on June 5.

Dropbox Patches Shared Links Privacy Vulnerability

Threatpost for B2B - Tue, 05/06/2014 - 14:08
Dropbox has addressed a privacy flaw in its shared links feature that exposed documents to third parties.

TLS 1.3 Working Group Has Consensus to Deprectate RSA Key Transport

Threatpost for B2B - Tue, 05/06/2014 - 13:11
RSA key transport cipher suites could be deprecated in TLS 1.3 in favor of Diffie-Hellman Exchange or Elliptic curve Diffie-Hellman.

Analysis: Spam in Q1 2014

Secure List feed for B2B - Tue, 05/06/2014 - 05:03
The percentage of spam in total email traffic during the first quarter this year came to 66.34%. Attackers spread fake email notifications from mobile applications.

Passcode Bypass Bug and Email Attachment Encryption Plague iOS 7.1.1

Threatpost for B2B - Mon, 05/05/2014 - 16:59
Two issues - one that allows the bypass of the iPhone 5’s security lockscreen and one that fails to encrypt email attachments are affecting the most recent build of iOS, 7.1.1.

Federal Agencies Told to Support TLS 1.2 by 2015

Threatpost for B2B - Mon, 05/05/2014 - 14:49
NIST has released SP 800-52 Revision 1, which provides guidance to federal agencies on the use of Transport Layer Security. The standard recommends that all agencies support TLS 1.2 by Jan. 1, 2015.

White House Calls for Transparency from Data Brokers

Threatpost for B2B - Fri, 05/02/2014 - 16:03
A White House report on big data calls for greater transparency from data brokers and technology companies about how they process consumers' data and how that information is treated.

Researchers Say Accelerometers are Perfect for Pervasive Tracking

Threatpost for B2B - Fri, 05/02/2014 - 14:10
Mobile device accelerometers emit uniquely identifiable data that could be used to track users without permission.

Critical Holes in OAuth, OpenID Could Leak Information, Redirect Users

Threatpost for B2B - Fri, 05/02/2014 - 13:42
A serious vulnerability in both the OAuth and OpenID protocols could lead to complications for those who use the services to login to websites like Facebook, Google, LinkedIn, Yahoo, Microsoft, PayPal among many others.

PHP Updated to Fix OpenSSL Flaws, Other Bugs

Threatpost for B2B - Fri, 05/02/2014 - 10:48
The maintainers of PHP have released two new versions of the scripting language that fix a number of bugs, including a pair of vulnerabilities related to OpenSSL.

Adobe Beefs Up Security in ColdFusion 11

Threatpost for B2B - Fri, 05/02/2014 - 10:29
Adobe is calling out a number of security enhancements built into ColdFusion 11, including new OWASP tools, profile controls and crypto upgrades to existing APIs.
Syndicate content