Cryptography


Serious Crypto Bug Found in PHP 5.3.7

The maintainers of the PHP scripting language are warning users about a serious crypto problem in the latest release and advising them not to upgrade to PHP 5.3.7 until the bug is resolved.

New Attack Finds AES Keys Several Times Faster Than Brute Force

A group of researchers have developed a new attack that enables them to find AES keys several times faster than was previously thought possible, reducing the complexity of finding the keys on AES-128, AES-192 and AES-256. However, the attack does not pose any practical threat to currently deployed systems that use the AES encryption algorithm, the researchers said.


More information about last week’s “Shady Rat” hacks continues to be uncovered, including reports that the attackers behind the hack used digital images to obscure their activities. Researchers at Symantec analyzing the attacks found images were hiding code that enabled communication back and forth with infected machines and a command-and-control (C&C) server, according to a report from DarkReading.

A security researcher has released a new workaround for the critical vulnerability in the Apple iOS operating system related to the way that the OS handles SSL certificate validation. The workaround makes some key checks in the certificate chain that the vulnerable versions of iOS and a previous workaround fail to execute.

During the Reagan Administration, the ‘government waste’ meme was all about $600 toilet seats and $300 hammers. Those looking for a more contemporary example of how government procurement gets it wrong might point, instead, to Project 25 (P25), a decade-old effort to provide first responders and federal officials with a reliable and secure emergency radio system.

A security researcher known for his work on cracking cryptographic ciphers on mobile networks has found a method that enables him to capture and decrypt data traffic on virtually any GPRS network. The attack, developed by Karsten Nohl, enables him to eavesdrop on traffic within a radius of about three miles.

LAS VEGAS–Researchers from IBM’s ISS X-Force plan to unveil a new system for running an open wireless network in a secure mode at the Black Hat conference here this week. The system mimics the way that Web sites and browsers use digital certificates to establish a trusted connection with one another.

EMC Corporation announced via an earnings call Tuesday that it spent $66 million during the second quarter on its security firm division RSA to recover from a cyberattack that compromised their SecurID product in March, according to a post on the Washington Post’s Post Tech blog.