Security News > 2016 > December

Merry Squidmas. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

A bug bounty hunter earned $5,000 for a Facebook hack that allowed him to bypass security protection and access any Facebook user's true email address.

Cisco is warning customers of a privilege escalation flaw in Cisco CloudCenter Orchestrator systems that could allow an attacker to gain root privileges on affected systems.

Crowdstrike has an interesting blog post about how the Russian military is tracking Ukranian field artillery units by compromising soldiers' smart phones and tracking them. News article....

Apple extended the deadline of Dec. 31 for developers adopt App Transport Security standards for applications submitted to the App Store.

NIST is accepting proposals for public-key algorithms immune to quantum computing techniques. Details here. Deadline is the end of November 2017. I applaud NIST for taking the lead on this, and...

This Verge article isn't great, but we are certainly moving into a future where audio and video will be easy to fake, and easier to fake undetectably. This is going to make propaganda easier, with...

NIST has made a public plea for submissions for new crypto algorithms that can stand up against quantum computing and protect data.

German industrial giant Siemens has provided a firmware update addressing software vulnerabilities that are found in a popular line of its Desigo PX industrial control hardware.

A few days ago I blogged an excellent essay by Filippo Valsorda on why he's giving up on PGP. Neal Walkfield wrote a good rebuttal. I am on Valsorda's side. I don't like PGP, and I use it as...