Dennis Fisher and Mike Mimoso discuss the major news stories of the last couple of weeks, including the proposal in TLS 1.3 to drop RSA key transport, the Snapchat FTC settlement and the end of Windows XP support. And no Heartbleed talk!
Link shortening service Bitly informed its users that it believes user credentials – passwords, API keys and OAuth tokens – have been compromised.
Twitter has made a couple of changes to the service’s login process to help prevent account takeovers and enable users to reset their passwords in a simpler way. A Twitter account is among the more valuable assets for an attacker who is targeting a specific person. Accounts typically are tied to a user’s main email […]
Industrial control system wireless gateways from Digi International are vulnerable to Heartbleed, ICS-CERT warns. The vendor has firmware upgrades available and urges immediate updates.
Microsoft will patch Internet Explorer again one week after an out-of-band patch for a zero-day vulnerability in the browser.
A study conducted by the Federal Trade Commission looked at 12 different health apps and found they sent user information to 76 different third parties.
Snapachat, the maker of the popular video and photo chat app, has agreed to settle charges by the Federal Trade Commission that the company misrepresented the supposedly ephemeral nature of the messages users send and failed to take adequate security precautions with the data it collects, leading to a data breach earlier this year that […]
Former NSA Director Keith Alexander told an Australian publication that the agency’s subversion of crypto standards and stockpiling of zero days is part and parcel of its mission.
The House Judiciary Committee has approved the USA FREEDOM Act, which aims to limit the NSA’s surveillance powers and revise the PATRIOT Act and FISA.
Cisco has patched a handful of buffer overflows in several of its WebEx products that could allow an attacker to execute arbitrary code or crash a vulnerable application. The bugs affect the WebEx WRF and ARF players and some of Cisco’s Business Suite builds, WebEx 11 and WebEx Meetings Server also are affected by at […]
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
