Feed aggregator

On Snowden Anniversary, Microsoft Calls for Surveillance Reform

Threatpost for B2B - Thu, 06/05/2014 - 14:25
Microsoft general counsel Brad Smith lays out five areas where the U.S. government needs to make positive strides in reforming surveillance.

Vulnerabilities in IPMI Protocol Have Long Shelf Life

Threatpost for B2B - Thu, 06/05/2014 - 14:17
Noted researcher Dan Farmer published a paper on the depth and breadth of IPMI vulnerabilities in server Baseboard Management Controllers, and the news isn't good.

Linksys E4200 Vulnerability Enables Authentication Bypass

Threatpost for B2B - Thu, 06/05/2014 - 14:05
Linksys router contains an authentication bypass vulnerability that could give an attacker full administrative privileges on affected devices.

New OpenSSL MITM Flaw Affects All Clients, Some Server Versions

Threatpost for B2B - Thu, 06/05/2014 - 09:30
There is a new, remotely exploitable vulnerability in OpenSSL that could enable an attacker to intercept and decrypt traffic between vulnerable clients and servers.

COPA-DATA Patches DNP3 SCADA Vulnerability

Threatpost for B2B - Wed, 06/04/2014 - 15:19
A SCADA vulnerability could trigger a denial of service condition and go on to compromise the software’s communication connections, resulting in system instability is left unpatched.

DARPA Cyber Grand Challenge Finale Set For DEF CON 2016

Threatpost for B2B - Wed, 06/04/2014 - 13:56
DARPA announced that the finale of the Cyber Grand Challenge will be held during DEF CON 2016. More than 30 teams have signed up to build the best automated network defense system.

Google Data Shows Encryption Trending In the Right Direction

Threatpost for B2B - Wed, 06/04/2014 - 12:03
The past year has seen a tremendous amount of change and turbulence in the security and privacy communities, much of it related to the NSA surveillance revelations. One of the things that has come out of all of the discussions and debates is a greater focus on the importance of encryption, especially encrypting email and […]

Google Releases End-to-End Encryption Extension

Threatpost for B2B - Wed, 06/04/2014 - 07:44
Google has released an early version of a Chrome extension that provides end-to-end encryption for data leaving the browser. The extension will allow users to encrypt emails from their webmail accounts.

NIST Seeks Public Comment on SHA-3 Crypto Algorithm

Threatpost for B2B - Tue, 06/03/2014 - 16:17
The National Institute of Standards and Technology is seeking comments from the public on it's latest cryptographic hash function, SHA-3.

WordPress All-In-One SEO Pack Vulnerabilities Patched

Threatpost for B2B - Tue, 06/03/2014 - 14:09
A popular WordPress plugin could leave potentially millions of websites vulnerable if left unpatched.

GnuTLS Patches Critical Remote Code Execution Bug

Threatpost for B2B - Tue, 06/03/2014 - 12:56
Open source cryptographic library GnuTLS recently patched a remote code execution and denial of service vulnerability.

GameOver Zeus Takedown Shows Good Early Returns

Threatpost for B2B - Tue, 06/03/2014 - 12:27
The effect of the takedown of the GameOver Zeus botnet this week has been immediate and significant. Researchers who track the activity of the peer-to-peer botnet's activity say that the volume of packets being sent out by infected machines has dropped to almost zero.

Soraya Malware Packs Form Grabbing, Memory Scraping Functionality

Threatpost for B2B - Tue, 06/03/2014 - 10:36
Malware capable of infecting point-of-sale devices once was a novelty, but it’s quickly becoming more common. Researchers at Arbor Networks have unearthed a new strain of PoS malware called Soraya that can scrape memory and has the ability to intercept information sent from Web forms, a specialty of the Zeus malware family. Soraya also has […]
Syndicate content