Threatpost for B2B

Syndicate content
The First Stop For Security News
Updated: 8 hours 39 min ago

San Diego State Warns of Possible Data Breach

Thu, 05/29/2014 - 14:55
San Diego State University has notified some of its current and former enrollees that some of their personal information may have been accessed by unauthorized users.

Of TrueCrypt and Warrant Canaries

Thu, 05/29/2014 - 13:41
No concrete reason for the TrueCrypt shutdown has emerged, giving way instead to speculation that perhaps the developers' abrupt decision is a warrant canary.

OpenSSL Receives Funding for Developers, Will Undergo Security Audit

Thu, 05/29/2014 - 09:38
The Core Infrastructure Initiative has decided to provide the OpenSSL Project with enough money to hire two full-time developers and also will fund an audit of OpenSSL by the Open Crypto Audit Project.

HackerOne Bug Bounty Platform Lands Top Microsoft Security Expert

Wed, 05/28/2014 - 18:00
HackerOne, has scored a major coup in hiring Katie Moussouris, the driving force behind Microsoft's bounty program, to oversee its policy and disclosure philosophy and work with customers on the intricacies of vulnerability disclosure.

Ominous Warning or Hoax? TrueCrypt Warns Software ‘Not Secure,’ Development Shut Down

Wed, 05/28/2014 - 17:35
A post on the TrueCrypt page at SourceForge warns that open source encryption software TrueCrypt is not secure and development has shut down.

Microsoft myBulletins Service Customizes Patch Details

Wed, 05/28/2014 - 16:34
Microsoft's new myBulletins service is a dashboard view of Microsoft products in their environment and any related security bulletins and updates. Some are critical of its lack of security advisories and lack of notifications.

FTC Asking Data Brokers, Congress for Transparency, Regulation

Wed, 05/28/2014 - 16:03
The Federal Trade Commission called on data brokers to be more transparent and give users more control over their personal information in a comprehensive report issued yesterday.

CryptoLocker Ransomware Competitor May Have Fatal Flaw

Wed, 05/28/2014 - 14:08
CryptoDefense, a ransomware competitor to CryptoLocker, has an implementation flaw that could allow for recovery of the decryption key from the victim's computer.

Pinterest Launches Bug Bounty Program

Wed, 05/28/2014 - 13:47
Pinterest has become the latest major Web property to start a bug bounty program, joining the Bugcrowd platform and offering researchers rewards of up to…a shirt. The site, which enables users to post photos, recipes and other information, announced the new reward program Tuesday. Company officials said that Pinterest was looking for more people to […]

Remotely Exploitable Flaws Haunt Lawful Intercept Surveillance Gear

Wed, 05/28/2014 - 12:50
The small, but growing, group of companies that supply so-called lawful intercept gear to intelligence agencies and law enforcement organizations around the world have operated mostly under the radar until very recently. Their products are used to record and scrutinize the communications of suspected criminals and terrorists, but now they’re finding that their products are […]

Siemens Fixes DoS Flaw in Rugged OS Devices

Wed, 05/28/2014 - 09:41
Siemens has patched a denial-of-service vulnerability that affected many versions of its Rugged Operating System, software that runs on some of the company’s RuggedCom switches and serial-to-ethernet devices. The vulnerability could enable a remote attacker to cause the Rugged OS software to crash by sendin specially crafted packets to the Web interface of a vulnerable device. […]

Apple Ransomware Targeting iCloud Users Hits Australia

Wed, 05/28/2014 - 07:27
A handful of iPhone, iPad and Mac users, largely confined to Australia, awoke Tuesday to discover their devices had been taken hostage by ransomware.