Browsing Category: Web Security

Group Backed by Google, Microsoft to Help Fund OpenSSL and Other Open Source Projects

After the dust had started to settle in the wake of the OpenSSL Heartbleed vulnerability earlier this month, one of the common sentiments that emerged was that the small group developing and maintaining the software needed some help. And money. And resources. But mostly money. Now, the OpenSSL Foundation, along with a number of other[...]

Read more...

OpenSSL Heartbleed and the Value of CRLs

One of the consequences of the drama around the OpenSSL heartbleed vulnerability is that security experts have begun taking a hard look again at the certificate revocation process and whether it actually protects users or gives them any visibility into the validity of a given certificate. In a lot of cases, the answer is probably no.

Read more...

Experts Worry About Future of Critical Infrastructure Security

The problem of critical infrastructure security has become a key issue in the last few years, as high-profile attacks such as Stuxnet and others have grabbed headlines and alerted politicians and others to the weaknesses facing these vital systems.

Read more...