Vulnerabilities


DigiNotar Voluntarily Files Bankruptcy

DigiNotar, the embattled Dutch certificate authority at the center of a global scandal after issuing hundreds of forged digital certificates, has filed for voluntary bankruptcy today, according to a press release from parent company VASCO.

The Dangers of Second-Order Vulnerabilities

SAN FRANCISCO–There are dozens of new bugs discovered every week in popular applications, and many of them are painted as critical flaws that need to be patched immediately lest you risk the wrath of the attackers. However, in many cases, it’s not necessarily those highly publicized flaws that will end up leading to a major data theft; it’s the problems lurking underneath the top layer that are the real killers.

Morto Worm Found Squirming on Chinese MMORPG Site

The Morto Worm began to make waves just three short weeks ago after working its way through Windows’ Remote Desktop Protocol (RDP), but now the worm appears to have an entirely new mode of transport: Jade Dynasty, a massively multiplayer online role-playing game (MMORPG) that is popular in China.


Two researchers have developed a new attack on TLS 1.0/SSL 3.0 that enables them to decrypt client requests on the fly and hijack supposedly confidential sessions with sensitive sites such as online banking, e-commerce and payment sites. The attack breaks the confidentiality model of the protocol and is the first known exploitation of a long-known flaw in TLS, potentially affecting the security of transactions on millions of sites.

Google has fixed more than 30 security vulnerabilities in its Chrome browser with a new version the company released on Friday. The company also paid out more than $14,000 in rewards to the various researchers who reported bugs that were fixed with Chrome 14.0.835.163.

The TED talks have long been famous for introducing a wide (albeit wired) audience to The Next Big Thing, whether it was Jeff Han at NYU demonstrating the Minority Report-style touch-sensitive user interfaces in 2006 – years before the iPhone hit the market – or MIT’s David Merrill’s demonstration of stackable mini computers called Siftables. (OK – we’re not sure yet what the heck you can use those for.)