Security News

US-Cert alert! Thanks to a massive bug, VPN now stands for "Vigorously Pwned Nodes"
2019-04-12 21:00

Multiple providers leaving storage cookies up for grabs The US-Cert is raising alarms following the disclosure of a serious vulnerability in multiple VPN services.…

US CERT Warns of N. Korean 'Hoplight' Trojan
2019-04-12 15:18

Hidden Cobra, Also Known as Lazarus, Appears to Be Behind the MalwareU.S. CERT has issued a fresh warning about a newly discovered Trojan called Hoplight that is connected to a notorious APT group...

DXC security exec: Yes, I'd have thought we'd spend more on certs and laptop kit for staff, too
2019-03-26 09:08

Boss makes staggering admission during conf-call to discuss impact of latest cost purge: $60m to be cut from infosec division Exclusive A senior exec within DXC Technology's global security...

Google Play Touts Certs in Quest For Enterprise Security
2019-03-22 20:22

Google has snagged three security and privacy certifications for Google Play as it tries to appeal to enterprises despite numerous malicious apps and security issues.

Open-source 64-ish-bit serial number gen snafu sparks TLS security cert revoke runaround
2019-03-13 18:12

64 bits of cert ID on the wall, 64 bits of ID. Take the top bit down, don't pass it around, 63 bits of cert ID on the wall... A bunfight over a controversial UAE mobile security company led to the...

Open-source keygen snafu sparks 63-bit TLS cert revoke runaround
2019-03-13 18:12

What a difference a bit makes. 64 little flowers... brought the revokes and the scowls A mailing list bunfight over a controversial UAE mobile security company led to the discovery that millions...

Week in review: Critical Chrome zero-day, TLS certs for sale on dark web, RSA Conference 2019
2019-03-10 19:30

Here’s an overview of some of last week’s most interesting news and articles: RSA Conference 2018 coverage Check out what you missed at the infosec event of the year. How malware traverses your...

CERT/CC Warns of Vulnerabilities in Marvell Avastar Wireless SoCs
2019-02-08 16:57

The CERT Coordination Center (CERT/CC) has issued a vulnerability note providing information on a series of security issues impacting Marvell Avastar wireless system on chip (SoC) models.

Week in review: FaceTime bug, Apple developer certs abused, new privacy attack against 5G
2019-02-03 19:30

Here’s an overview of some of last week’s most interesting news and articles: New Mac malware steals cookies, cryptocurrency and computing power A new piece of Mac malware is looking to steal both...

Apple yoinks enterprise certs from Facebook, Google, killing internal apps, to show its power
2019-02-01 01:56

You have been warned, says Cupertino: Tech giants abuse dev program, iPhone maker eventually undoes ban After briefly punishing Facebook and Google for violating the rules of its enterprise...