Yahoo announced a number of encryption enhancements to its email and other online services, and also announced it was finally encrypting communication links between its data centers.
DNS-based DDoS amplification attacks are using home and small office routers as a jumping off point. Attackers are taking advantage of weak router configuration and lax policies against open resolvers to execute attacks.
Amazon Web Services is actively searching a number of sources, including code repositories and application stores, looking for exposed credentials that could put users’ accounts and services at risk.
Upset with the vulnerability handling process at Oracle, researchers yesterday disclosed over two dozen issues with the company’s Java Cloud Service platform.
Dennis Fisher talks with Matthew Green of Johns Hopkins University about the paper he co-authored on the Extended Random extension for Dual EC DRBG and whether it could be considered a backdoor.
Apple has updated its Safari browser, dropping a pile of security fixes that patch more than 25 vulnerabilities in the WebKit framework.
Sell Hack’s controversial browser plug-in no longer works on LinkedIn pages and all publicly processed data the plug-in collected has been deleted.
The NSA searches the data it collects incidentally on Americans, including phone calls and emails, during the course of terrorism investigations.
Surveillance DVRs infected with Bitcoin mining malware scanning for network attached storage devices on port 5000.
The addition of the Extended Random extension to RSA BSAFE made it trivial to crack the Dual EC random number generator, researchers said.