
Another SSL Attack – But Don’t Panic

SSL and TLS, the security protocols that protect most of our banking and ecommerce transactions, are a complicated beast – more so due to the many options they offer. Ars Technica, in an article titled “Noose around Internet’s TLS system tightens with two new decryption attacks”, discussed a paper presented at Black Hat Asia that describes […]


Hilton Honors Web Site Flaw Found and Fixed

I have to both harass and compliment Hilton. Until recently, Hilton was offering Honors members 1,000 points to change their passwords. First the harassment: A security staffer at BancSec figured out that you could hijack any other Honors account by guessing or knowing the account number and making a small change to the site’s HTML. The […]


Man Arrested At Border For Refusing To Hand Over Phone Passcode

CNet wrote about a man who was arrested at the Halifax (Canada) airport for refusing to hand over the passcode for his cellphone to the Canadian border agents. Even if you are not paranoid, it should make you think about what gadgets you take across the border. Here are some details of this case. He […]


Cybersecurity is for the C-suite, ‘not just the IT crowd’

At least according to Peter Singer, Director of the Center for 21st Century Security and Intelligence at the Brookings Institution. Writing in Fortune, Singer says many things that won’t make him very popular. A sampling: 97% of the Fortune 500 companies have been hacked and likely the other 3% too, they just don’t know it. […]


Researchers Find 600,000 Servers Use Duplicate Encryption Key

PC World is reporting that researchers, looking for servers that were susceptible to the FREAK attack, found that some manufacturers have taken a shortcut when it comes to security. First, FREAK is an attack that allows attackers to force an encryption session between a user and a server to use a very weak 512-bit […]
