Network Security

Network Security news, trend analysis and opinion

Some Bitdefender products break HTTPS certificate revocation

This allows man-in-the-middle attackers with access to revoked, but otherwise valid, certificates to manipulate encrypted traffic

Containment security solutions for endpoints effectively stop attacks before harm is done

The way to protect PCs is to isolate untrusted tasks. BufferZone and Bromium offer interesting solutions


Lenovo website hacked in wake of Superfish debacle

Source code for the page names two alleged hackers

Europol and security vendors disrupt massive Ramnit botnet

The operation seized command-and-control servers and Internet domains used by the Ramnit gang

Facebook fixed 61 high-severity flaws last year through its bug bounty program

The company paid US$1.3 million to 321 outside security researchers in 2014

Flaw in popular Web analytics plug-in exposes WordPress sites to hacking

Attackers can easily crack cryptographic keys used by the WP-Slimstat plug-in and use them to read information from a site's database

The challenges of enterprise network encryption and security

Enterprises are decrypting traffic for security inspection, but it ain't easy.

Critical remote code execution flaw patched in Samba

Users should install the Samba updates available for their systems as soon as possible

Many attackers lurk undetected for months, then pounce, study finds

Gaining access credentials is a way to keep access without installing malware, Mandiant said

Telegram dimisses claim of a flaw in its secure messaging application

Zimperium says Telegram doesn't protect content in memory, but Telegram says it's hard to defend against

NSA director wants gov't access to encrypted communications

The U.S. should be able to craft a legal framework to let government agencies read encrypted data, Rogers says

'Secure' advertising tool PrivDog compromises HTTPS security

The tool replaces SSL certificates without validating them first, opening the door to man-in-the-middle attacks

hacked hacker breach security

You’ve been hacked. Now what?

6 key things to do after a security breach.

022315 detect malware 1

New tools can detect hidden malware

We tested new security appliances from Damballa, Lancope and LightCyber that are designed to detect the latest cyber-attacks.

Superfish security flaw also exists in other apps, non-Lenovo systems

A third-party, man-in-the-middle proxy used by Superfish is also used in other apps

TrueCrypt audit back on track after silence and uncertainty

Phase two of the project will begin shortly and will be done by a professional team of consultants

Android malware fakes phone shutdown to steal data

The malware works in the background after pretending to shut down a phone, AVG said.

Lenovo admits to Superfish screw-up, will release clean-up tool

The company confirmed that a software program preloaded on some of its laptops exposes users to potential attacks

Google Cloud offers security scanning for customer apps

The Google Cloud Security Scanner can ferret out XSS and mixed-use vulnerabilities

NSA, UK's GCHQ reportedly hacked encryption of SIM card maker

The surveillance agencies reportedly were able to monitor a large portion of the world's mobile traffic

Load More