Threatpost for B2B

Syndicate content
The First Stop For Security News
Updated: 22 hours 11 min ago

Google Data Shows Encryption Trending In the Right Direction

Wed, 06/04/2014 - 12:03
The past year has seen a tremendous amount of change and turbulence in the security and privacy communities, much of it related to the NSA surveillance revelations. One of the things that has come out of all of the discussions and debates is a greater focus on the importance of encryption, especially encrypting email and […]

Google Releases End-to-End Encryption Extension

Wed, 06/04/2014 - 07:44
Google has released an early version of a Chrome extension that provides end-to-end encryption for data leaving the browser. The extension will allow users to encrypt emails from their webmail accounts.

NIST Seeks Public Comment on SHA-3 Crypto Algorithm

Tue, 06/03/2014 - 16:17
The National Institute of Standards and Technology is seeking comments from the public on it's latest cryptographic hash function, SHA-3.

WordPress All-In-One SEO Pack Vulnerabilities Patched

Tue, 06/03/2014 - 14:09
A popular WordPress plugin could leave potentially millions of websites vulnerable if left unpatched.

GnuTLS Patches Critical Remote Code Execution Bug

Tue, 06/03/2014 - 12:56
Open source cryptographic library GnuTLS recently patched a remote code execution and denial of service vulnerability.

GameOver Zeus Takedown Shows Good Early Returns

Tue, 06/03/2014 - 12:27
The effect of the takedown of the GameOver Zeus botnet this week has been immediate and significant. Researchers who track the activity of the peer-to-peer botnet's activity say that the volume of packets being sent out by infected machines has dropped to almost zero.

Soraya Malware Packs Form Grabbing, Memory Scraping Functionality

Tue, 06/03/2014 - 10:36
Malware capable of infecting point-of-sale devices once was a novelty, but it’s quickly becoming more common. Researchers at Arbor Networks have unearthed a new strain of PoS malware called Soraya that can scrape memory and has the ability to intercept information sent from Web forms, a specialty of the Zeus malware family. Soraya also has […]

Heartbleed Exploitable Over Enterprise Wireless Networks

Mon, 06/02/2014 - 15:02
The Heartbleed OpenSSL vulnerability can be exploited over wireless networks, according to a researcher who released PoC code for attacks against wireless authentication programs hostapd and wpa_supplicant.

How I Got Here: Joe Grand

Mon, 06/02/2014 - 11:47
Dennis Fisher talks with Joe "Kingpin" Grand about his childhood taking apart early PCs and radios, his introduction to the BBS and early phreaking and hacking scene in Boston, his involvement with the L0pht, @stake and now his current life as an engineer running Grand Idea Studios.​

TrueCrypt Cryptanalysis to Include Crowdsourcing Aspect

Mon, 06/02/2014 - 11:09
Organizers of the TrueCrypt audit say they hope to crowdsource some of the cryptanalysis slated for phase two.

FBI, European Authorities Go After GameOver Zeus Botnet

Mon, 06/02/2014 - 10:53
UPDATE–Law enforcement agencies in Europe and the United States, including Europol and the FBI, ran a coordinated takedown of the  GameOver Zeus botnet on Friday, seizing servers and disrupting the botnet’s operation. Authorities say that the same botnet has been used to distribute the CryptoLocker ransomware and they’re now looking for a 30-year-old Russian whom […]

As Snowden Anniversary Nears, EFF Urges Users to Ramp Up Privacy and Security

Fri, 05/30/2014 - 14:46
Time flies when you’re having fun. But it apparently also flies when there’s a new story every other day about NSA surveillance. It’s been nearly one year since the first story sourced from the documents Edward Snowden stole from the agency appeared, and with that in mind, the EFF is encouraging people to commemorate the […]

USPS Spam Campaign Drops Botnet Malware

Fri, 05/30/2014 - 14:10
Those in control of the Asprox botnet are hiding their malware in emails purporting to come from the USPS.

Google At Odds With ‘Right to be Forgotten’ Ruling

Fri, 05/30/2014 - 13:18
Google took steps toward compliance with a European privacy ruling that allows individuals to request their names be removed from search results.

Apache Patches DoS, Information Disclosure Bugs in Tomcat

Fri, 05/30/2014 - 12:31
Apache recently patched denial of service and information disclosure vulnerabilities in its Tomcat web server.

Monsanto Suffers Data Breach at Precision Planting Unit

Fri, 05/30/2014 - 10:22
Monsanto has disclosed a data breach that involved the personal information of customers and employees of its Precision Planting subsidiary.

NSA Releases Snowden Email, Refutes Claims He Protested Agency Surveillance

Thu, 05/29/2014 - 17:22
The NSA released an email from Edward Snowden to the agency's legal authority that refutes claims Snowden repeatedly raised concerns about surveillance.

Iranian Campaign Snooped on U.S. Officials

Thu, 05/29/2014 - 16:01
Iranian spies have been carrying out a campaign since at least 2011 that has gathered intelligence by targeting D.C. journalists and government emissaries via social media.

San Diego State Warns of Possible Data Breach

Thu, 05/29/2014 - 14:55
San Diego State University has notified some of its current and former enrollees that some of their personal information may have been accessed by unauthorized users.

Of TrueCrypt and Warrant Canaries

Thu, 05/29/2014 - 13:41
No concrete reason for the TrueCrypt shutdown has emerged, giving way instead to speculation that perhaps the developers' abrupt decision is a warrant canary.