Security News

Critical OpenSSL bug allows attackers to impersonate any trusted server (ArsTechnica)
2015-07-09 16:12

OpenSSL Patches Critical Certificate Validation Vulnerability (Threatpost)
2015-07-09 13:44

A high-severity bug in OpenSSL was disclosed today, and it affects only organizations that installed an update released in June, and allows anyone with an untrusted TLS certificate to become a CA.

Mozilla patches critical bugs in fresh Firefox update (ZDNet)
2015-07-09 11:12

Firefox 39 Out With Patches for Four Critical Vulnerabilities (Threatpost)
2015-07-08 18:32

Mozilla has rolled out a new version of its Firefox browser, an update that includes patches for four critical security vulnerabilities and several less-severe bugs. IN all, Firefox 39 patches 13...

Why location-based social media data is critical for security (Help Net Security)
2015-07-08 07:00

Sports games at stadiums, hurricanes along the coast, protests on city streets, guest complaints at hotels, customer praise at restaurants, bullying at schools… Things happen at specific places. These...

Critical Security Controls Draft Available for Public Comment (July 1, 2015) (SANS Newsbites)
2015-07-07 21:12

Critical DoS Bug in Node.js, io.js Patched (Threatpost)
2015-07-07 17:34

Developers at Node.js over the weekend released a critical update to the runtime environment that addresses a bug that could be used to cause denial of service attacks.

A Framework for Assessing 20 Critical Controls Using ISO 15504 and COBIT 5 Process Assessment Model (PAM) (SANS Reading Room)
2015-07-06 23:22

Critical RubyGems vulns can lead to installation of malicious apps (Help Net Security)
2015-06-23 10:55

A serious vulnerability in RubyGems, a package manager for the Ruby programming language, can be exploited to trick end users into installing malware from attacker-controlled gem servers, Trustwave re...

Case Study: Critical Controls that Sony Should Have Implemented (SANS Reading Room)
2015-06-23 04:26