Web Security


Google Provides Detailed Analysis of GitHub Attack Traffic

The high-profile DDoS attack against GitHub that went on for several days last month was the end result of an operation that included several phases and extensive testing and optimization by the attackers. Researchers at Google analyzed the attack traffic over several weeks and found that the attackers used both Javascript replacement and HTML injections. […]

apple id phishing

Bypassing OS X Security Tools is Trivial, Researcher Says

SAN FRANCISCO–For years, Apple has enjoyed a pretty good reputation among users for the security of its products. That halo has been enhanced by the addition of new security features such as Gatekeeper and XProtect to OS X recently, but one researcher said that all of those protections are simple to bypass and gaining persistence […]


SAN FRANCISCO–The discussion about information sharing has been going on in the security community since before there was a security community, but the tone and shape of the conversation have changed recently thanks to an executive order from the Obama administration and the relentless drumbeat of attacks and data breaches. The benefits of sharing threat intelligence are […]

SAN FRANCISCO–The more things change, the more they stay the same. Thirty years ago, Adi Shamir, one of the inventors of the RSA algorithm, was asked to do a keynote speech at a conference and spoke about his laws of computer security. They were a set of principles that he developed over the years relating […]

SAN FRANCISCO–Encryption is the hot new topic in security at the moment, as it has been any number of times in the last few decades. And, as in the past, the notions of key escrow, mandated legal access to encrypted systems and other ideas for helping governments defeat cryptosystems have followed right along with the latest crypto […]