Google announced it will add additional security checks to log-in attempts from applications or devices that do not support OAuth 2.0.
Browsing Category: Web Security
Officials at Iowa State University said Tuesday that the personal data of nearly 30,000 alumni, including Social Security numbers, was compromised during a data breach.
A slew of old AOL email accounts were hacked over the weekend to send spam to other users.
CloudFlare is launching a new vulnerability disclosure program in conjunction with the HackerOne bug-bounty platform.
Amidst all of the fallout related to Heartbleed, Oracle is doing its best to keep users apprised of its efforts to patch any and all software that may be vulnerable to the OpenSSL issue.
One of the consequences of the drama around the OpenSSL heartbleed vulnerability is that security experts have begun taking a hard look again at the certificate revocation process and whether it actually protects users or gives them any visibility into the validity of a given certificate. In a lot of cases, the answer is probably no.
Details of a targeted attack have emerged where hackers are using the Heartbleed OpenSSL vulnerability to hijack active VPN sessions to remotely access an enterprise.
The problem of critical infrastructure security has become a key issue in the last few years, as high-profile attacks such as Stuxnet and others have grabbed headlines and alerted politicians and others to the weaknesses facing these vital systems.
The openSSL heartbleed has led to a huge increase in the number of SSL certificates being revoked, as site owners and hosting providers go through the process of replacing vulnerable certificates.
The Tor Project is in the process of rejecting exit nodes vulnerable to the Heartbleed OpenSSL vulnerability after researcher Collin Mulliner discovered more than 1,000 leaking plaintext traffic.