Millions of websites, applications from Cisco and VMware, Google Play apps, as well as millions of Android devices are vulnerable – and the list keeps growing. Just how many products and websites need to be patched, and related digital certificates revoked and reissued, before the Heartbleed vulnerability will be mitigated? But information about the vulnerability,
Hackers have targeted Harley Medical Group, one of the leading cosmetic surgery provider in the UK, and have apparently made off with personal information of 480,000 users.
Heartbleed, the bug that has preoccupied thousands of websites and millions of users over the past week, may well have been the biggest security flaw in internet history but it is unlikely to be the last. Our entire security infrastructure is a mess because both ordinary people and elite security experts often harbour fundamental misunderstandings
Lavaboom, a German-based and supposedly NSA-proof email service, will go into private beta this week. Its mission is to spread the Edward Snowden gospel by making encrypted email accessible to all. Although it has been referred to in various parts of the interwebs as an heir to Lavabit, the now-defunct encrypted email service used by
When NSA whistle-blower Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. But this month, we learned that Snowden used another technology to keep his communications out of the NSA’s prying eyes. It’s called Tails. And naturally, nobody knows exactly who created it. Tails is a
How the game-changing crypto bug affects internal servers, clients, and VPN networks – and what to do about it. The long-term ramifications of the Heartbleed encryption flaw in the widely deployed open-source OpenSSL library are slowly coming into focus: how cyberspies and sophisticated cybercrime gangs can or already have used the bug to infiltrate an
On Monday, after seven months of discussion and planning, the first-phase of a two-part audit of TrueCrypt was released. The results? iSEC, the company contracted to review the bootloader and Windows kernel driver for any backdoor or related security issue, concluded (PDF) that TrueCrypt has: “no evidence of backdoors or otherwise intentionally malicious code in
Solid state drives are frequently referred to as the best upgrade you can make to your PC. Trading off disk space for speed is an increasingly popular option, but just like USB sticks and SD memory cards, SSDs can only be written to a limited number of times. This presents some interesting problems, particularly when
I have a laptop with windows 7 OS and Mac OS. Do I have to run security programs for both OS? Yes, they are two separate computers for all intents and purposes.
After lurking in the shadows for the first ten months of 2013, cybercriminals unleashed the most damaging series of cyberattacks in history. Symantec’s Internet Security Threat Report (ISTR), Volume 19, shows a significant shift in cybercriminal behavior, revealing the bad guys are plotting for months before pulling off huge heists – instead of executing quick
The leak of a PGP-encrypted email between Ed Snowden’s pet journalist Glenn Greenwald and a lawyer has created a bit of a fuss in crypto circles. Jesselyn Radack, a national security and human rights brief, said an encrypted email sent by her to Greenwald was this week leaked by persons unknown to Cryptome, the long-running
I came across this in my archives. Makes interesting reading on a slow Sunday morning. It seems all we ever needed to get encryption into the mainstream was… ubiquitous NSA surveillance. Who knew? Since I’ve written about encryption software before on this blog, I received several calls this week from reporters who want to know
In Newsweek, finance editor Leah McGrath Goodman claims to have outed the mysterious creator of the digital currency Bitcoin. The Japanese-American man lives in California and incredibly, is actually named Satoshi Nakamoto. Bitcoin Community Responds With Disbelief, Anger, Fascination But for many in the Bitcoin community, even those who have been obsessed with Nakamoto for
This security-minded move started a while ago when Google introduced its “Verify Apps” functionality, which validates apps’ safety right when you install them, either from the Play Store or elsewhere. Now the scope of that project is expanding. Verify Apps will check back in now and then, even after apps have been installed, just to
Over the next three years, the US Army will be filling its brand new cyber warfare institute at West Point with the best and brightest hackers it can find. Not just hackers, however: the institute will bring together psychologists, lawyers, mathematicians — anyone who can help the United States win the inevitable cyber war. Isn’t