As much as I love PKI (public key infrastructure) and the mathematical security it can provide, it’s usually horribly implemented in the real world. If done right, like the inventors intended, it would be darn near perfect. It’s mostly broken…
When customers interact with your business, they most likely go through a Web application first. It’s your company’s public face — and by virtue of that exposure, an obvious point of vulnerability. Most attacks against Web applications are stealthy and…
We’re not using Windows 95 anymore. Few Pentium I systems remain in production use, and the majority of the world no longer connects to the Internet through telephone lines and analog modems (though some poor souls still do). If those…
The Xen Project fixed several vulnerabilities in its popular virtualization software, including one that could allow potential attackers to break out of a virtual machine and gain control over the host system. Vulnerabilities that break the isolation layer between virtual…
Jun Feng, a defendant in a criminal case, has entered a guilty plea, removing pressure from a New York court to decide quickly whether Apple is required to aid investigators by bypassing his iPhone 5s passcode. Feng was indicted on…
The Senate this week overwhelmingly passed the Cybersecurity Information Sharing Act, a surveillance bill that festered in Congress for four years masquerading as security legislation. CISA will succeed in putting a lot more personal information about citizens into the hands of…
Hackers are exploiting SQL injection flaws to infect MySQL database servers with a malware program that’s used to launch distributed denial-of-service (DDoS) attacks. Security researchers from Symantec found MySQL servers in different countries infected with a malware program dubbed Chikdos…
Fujitsu says it has developed software that uses biometric data directly as the basis for encryption and decryption of data, simplifying and strengthening security systems that rely on biometrics such as fingerprints, retina scans, and palm vein scans. Current security…
You could be whoever you wanted: The origins of what we think of as modern hacker culture emerged from the same California milieu as the 1960s counterculture, and it shows. In 1973, programmers from Berkeley…
LogMeIn, a provider of cloud-based IT access and management tools, has acquired cloud-based password manager service LastPass. LastPass is popular with users for its focus on security, excellent customer service, and commitment to transparency. When it was recently targeted in…