RSS Reader for Computer Security Articles
Credit to Author: Brian Barrett| Date: Thu, 30 Mar 2017 16:00:59 +0000
Now that Pornhub’s going HTTPS, your private browsing will be a lot more private. The post The World’s Biggest Porn Site Goes All-In on Encryption appeared first on WIRED.
Read MoreCredit to Author: Malwarebytes Labs| Date: Wed, 29 Mar 2017 15:00:24 +0000
 | |
| Sage is yet another ransomware that has become a common threat nowadays. Similarly to Spora, it has capabilities to encrypt files offline. The malware is actively developed and currently, we are facing outbreak of version 2.2. of this product. Categories: Tags: encryptionhasherezademalwarephishransomwareSage ransomwareSpora Ransomware |
The post Explained: Sage ransomware appeared first on Malwarebytes Labs.
Read More
Credit to Author: Lucian Constantin| Date: Tue, 28 Mar 2017 10:01:00 -0700
For the second time in two weeks, developers of the popular LastPass password manager are working to fix a serious vulnerability that could allow malicious websites to steal user passwords or infect computers with malware.
Like the LastPass flaws patched last week, the new issue was discovered and reported to LastPass by Tavis Ormandy, a researcher with Google’s Project Zero team. The researcher revealed the vulnerability’s existence in a message on Twitter, but didn’t publish any technical details about it that could allow attackers to exploit it.
To read this article in full or to leave a comment, please click here
Credit to Author: Evan Schuman| Date: Mon, 27 Mar 2017 04:00:00 -0700
With so many retailers being impacted by cyber attacks, it’s easy to conclude that thieves are necessary for data breaches. Not necessarily. Saks last week made clear that it can breach itself quite efficiently.
That revelation comes courtesy of Buzzfeed News, which visited the site and noticed private data about quite a few fellow site visitors and shoppers.
To read this article in full or to leave a comment, please click here
Credit to Author: Lucian Constantin| Date: Fri, 24 Mar 2017 10:32:00 -0700
Google is considering a harsh punishment for repeated incidents in which Symantec or its certificate resellers improperly issued SSL certificates. A proposed plan is to force the company to replace all of its customers’ certificates and to stop recognizing the extended validation (EV) status of those that have it.
According to a Netcraft survey from 2015, Symantec is responsible for about one in every three SSL certificates used on the web, making it the largest commercial certificate issuer in the world. As a result of acquisitions over the years the company now controls the root certificates of several formerly standalone certificate authorities including VeriSign, GeoTrust, Thawte and RapidSSL.
To read this article in full or to leave a comment, please click here
Credit to Author: Michael Kan| Date: Thu, 23 Mar 2017 15:21:00 -0700
FBI director James Comey has suggested that an international agreement between governments could ease fears about IT products with government-mandated backdoors, but privacy advocates are doubtful.
Speaking on Thursday, Comey suggested that the U.S. might work with other countries on a “framework” for creating legal access to encrypted tech devices.
“I could imagine a community of nations committed to the rule of law developing a set of norms, a framework, for when government access is appropriate,” he said on Thursday.
Comey made his comments at the University of Texas at Austin, when trying to address a key concern facing U.S. tech firms in the encryption debate: the fear that providing government access to their products might dampen their business abroad.
To read this article in full or to leave a comment, please click here
Credit to Author: Mark Nunnikhoven (Vice President, Cloud Research)| Date: Thu, 23 Mar 2017 12:00:37 +0000
If you’ve ever bought anything online, checked your bank accounts through the app, or logged on to your favorite social media network, you’ve used a technology called SSL/TLS. The S in HTTPS. SSL/TLS (just to keep it simple, I’ll refer to as SSL) is the technology used to encrypt the communication between your browser and…
Credit to Author: Peter Sayer| Date: Sun, 19 Mar 2017 10:58:00 -0700
Secusmart, the BlackBerry subsidiary that secures the German Chancellor Angela Merkel’s smartphone, will roll out a version of its SecuSuite security software compatible with Samsung Electronics’ Knox platform later this year.
That means that organizations looking for smartphones offering government-grade security will be able to buy the Samsung Galaxy S7 or, soon, the S8 rather than the now-discontinued BlackBerry OS smartphones like the one Merkel uses.
In addition to encrypting communications and data stored on the device, the new SecuSuite also secures voice calls using the SNS standard set by Germany’s Federal Office for Information Security (BSI). Organizational app traffic is passed through an IPsec VPN, while data from personal apps can go straight to the internet. Encrypted voice calls go through a different gateway, not the VPN.
To read this article in full or to leave a comment, please click here