UPDATE–Apple has patched the vulnerability in its Find My iPhone app that likely was used in the attack that led to the publication of private photos belonging to dozens of celebrities over the weekend. The victims of the breach included actors, models and athletes such as Jennifer Lawrence and Kate Upton. The photos have appeared[…]
Browsing Category: Cloud Security
Amazon Web Services announced that it has turned on Perfect Forward Secrecy and other SSL improvements for its CloudFront content delivery platform.
Twitter has announced that a cloud-based password management company called Mitro has joined the Twitter team, and all of Mitro’s code is now free and open source. Mitro’s offering a secure password manager that’s meant to help distributed teams share passwords for accounts and services. The passwords are stored in encrypted form on Mitro’s servers,[…]
Google has fixed a security vulnerability in it’s cloud storage service, Drive, which could have leaked sensitive data to third parties.
Cloud-based code-hosting service Code Spaces announced today it was going out of business after a hacker deleted most of its machines, customer data and backups.
Ever since the Zeus source code leaked in late 2010, criminals have been creating highly customized, difficult-to-detect versions of it that target very specific services.
CloudFlare is launching a new vulnerability disclosure program in conjunction with the HackerOne bug-bounty platform.
Amidst all of the fallout related to Heartbleed, Oracle is doing its best to keep users apprised of its efforts to patch any and all software that may be vulnerable to the OpenSSL issue.
The maintainers of the OpenSSL library, one of the more widely deployed cryptographic libraries on the Web, have fixed a serious vulnerability that could have resulted in the revelation of 64 KB of memory to any client or server that was connected.
Amazon Web Services is actively searching a number of sources, including code repositories and application stores, looking for exposed credentials that could put users’ accounts and services at risk.