LAS VEGAS–Washington is looking for a few good hackers. Politicians and policymakers in the United States generally are not thought of as being the most technically savvy lot. It’s a reputation that’s well-earned in some cases, with some politicians boasting about their inability to use email and affinity for flip phones. But the lack of understanding[…]
Browsing Category: Web Security
Black Hat keynoter Jennifer Granick imagined a day when a regulated Internet looks like a lot like television.
LAS VEGAS–The push for some form of liability for vendors who sell faulty or insecure software is nearly as old as software itself. Software makers have pushed back hard against it for decades, but the day may soon come when software liability is a reality. Bugs, defects, and security vulnerabilities are problems inherent with any[…]
A new version of the Rig Exploit Kit is fueling a malware campaign that has already claimed close to one million victims.
Building a business can be expensive and time-consuming, and owners will look for ways to save money wherever they can. Researchers from RSA Security have found a VPN provider in China that is taking this to an unusual extreme: hacking Windows servers around the world for use as VPN nodes on a network that is[…]
A major information-sharing bill that’s in the Senate right now would allow private organizations to share threat data with any government agency, something that the Department of Homeland Security says could have severe privacy implications and cause confusion and inefficiencies inside the federal government. The bill, known as the Cybersecurity Information Sharing Act, would allow[…]
At Black Hat, researchers are expected to disclose new firmware attacks that work against OS X and self replicated to Thunderbolt peripherals.
After years of discussions, disagreements, and digressions, the Do Not Track header is supported by all of the major browsers. But because there’s no real requirement for sites or advertisers to respect it, DNT is not as effective as it could be. Now, the EFF, Disconnect, and several other organizations are publishing a new DNT standard[…]
Spam messages spoofing Microsoft and promising a free Windows 10 upgrade instead drop the CTB-Locker crypto-ransomware on compromised machines.
The Xen Project has patched a serious vulnerability that could allow an attacker in a guest virtual machine to escape and gain the ability to run arbitrary code on the host machine. The vulnerability is in the QEMU open source machine emulator that ships as part of the Xen hypervisor. The problem is related to the[…]