Tumblr now offers two-factor authentication
In a playful post on its official feed, Tumblr has announced that it’s now offering two-factor authentication to its users. “You know how you need two keys to …
Sogeti social engineering challenge at HITB Haxpo
For the third year in a row Sogeti organizes the social engineering challenge during Hack In The Box Amsterdam. In 2012 and 2013 they asked contestants to show weaknesses in …
0-day Microsoft Word flaw exploited in targeted attacks
Microsoft has issued a security advisory warning of a remote code execution vulnerability that is being exploited in “limited, targeted attacks directed at Microsoft …
Flaws in Android update mechanism could turn apps into malware
A group of researchers from Indiana University and Microsoft Research have unearthed six Android vulnerabilities that can be exploited to turn apparently harmless apps into …
10,000 GitHub users inadvertently reveal their AWS secret access keys
GitHub developers who are also Amazon Web Services users are advised to check the code they made public on their project pages and to delete secret access keys for their AWS …
Basecamp gets DDoSed and blackmailed
Basecamp, formerly known as 37signals, has managed to largely mitigate a DDoS attack that started today (March 24) at 8:46 central time and which made its services unavailable …
NSA compromised Huawei’s servers, spied on its executives
For years, the US government has been very vocal about its distrust of Chinese telecommunication giant Huawei, pointedly blocking acquisitions and takeovers that would allow …
Product pitch: ForgeRock Identity Relationship Management
In this product pitch recorded at RSA Conference 2014, Daniel Raskin, VP of Marketing at ForgeRock, talks about Identity Relationship Management. As more people, devices and …
Palo Alto Networks to acquire Cyvera
Palo Alto Networks announced a definitive agreement to acquire Cyvera, a privately held cybersecurity company located in Tel-Aviv, Israel. Under the terms of the agreement, …
New non-profit against cyber crime launches
Experts and companies in the information security industry formed the Secure Domain Foundation (SDF), a non-profit, community-driven organization devoted to the identification …
February spam highlights
Kaspersky Lab found that many malicious attachments in February’s spam came in emails allegedly sent by women who wanted to make new friends in the run-up to …
Gmail users get full, always-on HTTPS
Google has made good on its word and has introduced default encryption for all Gmail users. “Starting today, Gmail will always use an encrypted HTTPS connection when you …
Featured news
Resources
Don't miss
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security
- Product showcase: Exaforce – The full lifecycle AI SOC platform
- AI made crypto scams far more dangerous