Security experts constantly tell users not to reuse passwords on multiple accounts, but the message often falls on deaf ears. Now, officials at Mozilla are finding that advanced users don’t always follow that advice either after discovering that an attacker was able to compromise a Bugzilla user’s account by using a password taken from a data[…]
The Department of Justice has established a new policy that requires federal law enforcement agents–and state and local agencies working with the department–to obtain search warrants in order to use Stingray devices. The change is a major one, as agents will now need to show probable cause before deploying one of the devices, which simulate[…]
Dennis Fisher and Mike Mimoso talk about the potential US sanctions against China over cyberespionage, the browser vendors dumping RC4, the trouble at Mobile Pwn2Own and more security news of the week.
HP, a longtime sponsor of the Pwn2Own hacking contests, has decided it will not participate in November’s Mobile Pwn2Own event in Japan because of concerns over the country’s implementation of the Wassenaar Arrangement rules.
Cisco has patched a remote file-overwrite vulnerability in a couple of its products that could allow an attacker to replace arbitrary files and cause target systems to become unstable. The vulnerability affects the Cisco Integrated Management Controlled Supervisor and UCS Director software. The company has fixed the bug in new versions of the software, 184.108.40.206[…]