Heartbleed attacker hijacked VPN active user sessions
As the number of the most popular websites that still haven’t patched their servers against the Heartbleed exploit continues to diminish (go here for an up-to-date list …
OpenBSD team forks OpenSSL to create safer SSL/TLS library
For all the talk about how something should be done to fix OpenSSL so that a Heartbleed situation is never again repeated, there has been little to no concrete action so far. …
Supposedly patched router backdoor was simply hidden
When security systems’ engineer and researcher Eloi Vanderbeken discovered the existence of a backdoor in his own Linksys router last Christmas, he spurred other hackers …
How can we create a culture of secure behavior?
It’s a busy day in your company and everyone is rushing around trying to respond to requests. Audrey gets an email that looks like it’s from a partner asking her …
Insights from attack trends in the cloud
Drawing on data obtained from a customer base of 2,200, Alert Logic found a significant increase in activity across cloud and hosting environments compared to last …
Free Heartbleed scanner for Chrome and Android
To help Internet users protect themselves from the Heartbleed bug that is eroding SSL security features on websites worldwide, Trend Micro released two free Heartbleed …
CyberRX: Healthcare industry’s first cyber attack simulation
HITRUST, in coordination with the U.S. Department of Health and Human Services (DHHS), revealed the results of the healthcare industry’s first cyber attack simulation, …
Week in review: SATCOM (in)security, Heartbleed fallout, and the security of programming languages
Here’s an overview of some of last week’s most interesting news and articles: Appeals court overturns AT&T hacker’s sentence Andrew “weev” …
Cross Match acquires DigitalPersona
Cross Match Holdings and DigitalPersona announced a merger agreement that will combine the two companies. With more than 300 employees, a network of partners and millions of …
Beware of clever phishing scam that bypasses Steam Guard
Malwarebytes’ Chris Boyd is warning owners of Steam accounts about a relatively new phishing approach that goes after both their account login credentials and a file …
Organizations remain vulnerable to SQL injection attacks
Privacy and information security research firm Ponemon Institute, along with DB Networks, an innovator of behavioral analysis in database security, today announced the results …
3M payment cards compromised in Michaels Stores/Aaron Brothers breach
In the wake of the highly publicized Target and Neiman Marcus breaches, Texas-based arts and crafts store chain Michaels has stated in January that it has been targeted by …