Researcher proves how easy it is to pull off homographic phishing attacks
Security consultant Paul Moore has managed to register a domain that, at first glance, looks like that of UK-based Lloyds Bank, and get a valid TLS certificate for it from …
Worldwide IT spending to decline 5.5 percent in 2015
Worldwide IT spending is on pace to total $3.5 trillion in 2015, a 5.5 percent decline from 2014, according to the latest forecast by Gartner, Inc. Analysts attribute the …
NIST revises security publication on random number generation
In response to public concerns about cryptographic security, the National Institute of Standards and Technology (NIST) has formally revised its recommended methods for …
Security concerns continue to dog the cloud industry
Executives at major North American companies believe conventional network security solutions aren’t enough to protect their cloud computing environments, especially when it …
Major Xen update fixes over 20 vulns, including guest/host escape flaw
The newest version (v4.5.1) of popular hypervisor Xen has been released last week, and includes a bucketload of improvements and bug-fixes, including nearly 20 security …
Hackers are exploiting Magento flaw to steal payment card info
Attackers are exploiting a vulnerability in eBay’s Magento platform to steal users’ billing information (including payment card info), warns Sucuri …
4 in 10 midsize businesses have experienced a data breach
Most midsize business leaders view a data breach among their top risks and a majority consider IT security ‘very important’ when selecting a supplier. They have good reason to …
Week in review: TLS security, malicious Tor exit nodes, how to find a free, secure proxy service
Here’s an overview of some of last week’s most interesting news, podcasts, reviews and articles:Penetration Testing With Raspberry PiRaspberry Pi is a small and …
Why a low-level threat can open the door for serious infections
“A device hi-jacked for the purpose of conducting click-fraud can become a conduit for more serious malware such as ransomware. A Damballa study cited an example of how …
Update your Flash Player if you don’t want ransomware
“It didn’t take long for exploit kit authors to incorporate an exploit for the recently discovered zero-day Adobe Flash vulnerability (CVE-2015-3113) into their …
Researcher tests Tor exit nodes, finds not all operators can be trusted
While the Tor anonymity network conceals (relatively successfully) a user’s location and Internet activity from anyone who might want to know about it, users should be …
Vegan and BeEF clash shows how cyber arms race never stops
Cyber attackers and defenders are caught in a permanent to-and-fro dance, coming up with new solutions that break the last one created by their adversaries. An example of this …