UPDATE: The details are out. The issue is that under certain circumstances, a hacker could get OpenSSL to accept an HTTPS certificate that is fraudulent. This does not affect the major browsers, but rather the second- and third-tier software that uses SSL behind the scenes. Likely, you don’t even know all the places that […]
Bitstamp, a European bitcoin exchange, suffered a breach on January 4th of this year. According to a breach report apparently prepared for Bitstamp, the breach was a result of a determined adversary and a very typical but rookie mistake on the part of a Bitstamp administrator. The breach cost Bitstamp 18,997 bitcoins worth a little over […]
Apple released patches to fix a family of security flaws called Masque the other day in iOS release 8.4. Researchers then came up with a new variant of the flaw that the patch doesn’t fix. Apple had fixed earlier variants of the Masque attack in iOS 8.1.3. Anyone see a theme here? Unfortunately, […]
According to Veracode, the government isn’t very good at fixing software flaws. In fact, of 7 vertical segments, they rank last. The financial and manufacturing sectors do best at fixing vulnerabilities. Healthcare organizations don’t do well and cloud vendors (SaaS) fail the OWASP top 10 almost 75% of the time. Given this, it is not […]
I guess that is their version of “Houston, we have a problem”. The State Department posted a press release on their web site YESTERDAY that says that they have been having problems issuing visas and passports for two weeks. The State Department usually issues about 50,000 visas a day. Last week, they issued about 1,500 […]
The WSJ Blog had a guest post from Deloitte talking about why the U.S. electric grid is still vulnerable to attack. The short answer is that the grid is being used and managed in a way that it was never designed to operate, and the utilities and manufacturers have not adjusted to that fact (see […]