Browsing Category: Web Security

OpenSSL Heartbleed and the Value of CRLs

One of the consequences of the drama around the OpenSSL heartbleed vulnerability is that security experts have begun taking a hard look again at the certificate revocation process and whether it actually protects users or gives them any visibility into the validity of a given certificate. In a lot of cases, the answer is probably no.

Read more...

Experts Worry About Future of Critical Infrastructure Security

The problem of critical infrastructure security has become a key issue in the last few years, as high-profile attacks such as Stuxnet and others have grabbed headlines and alerted politicians and others to the weaknesses facing these vital systems.

Read more...

Kurt Baumgartner on APT Attacks in the Enterprise

Dennis Fisher talks with Kaspersky Lab security researcher Kurt Baumgartner about the specter of APT attacks in enterprises, what kind of tactics APT attackers are using now and the effect of the Heartbleed openSSL bug on the certificate authority system.

Read more...