Security News

CRIME, TIME, BREACH and HEIST: A brief history of compression oracle attacks on HTTPS (Help Net Security)

2016-08-11 16:00

The HEIST vulnerability was presented at Black Hat USA 2016 by Mathy Vanhoef and Tom Van Goethem. In this presentation, new techniques were presented that enhanced previously presented padding...

#attack #breach #crime #heist #http #https #oracle #security

How the HTTPS-snooping, email addy and SSN-raiding HEIST JavaScript code works (The Register)

2016-08-05 02:34

#email #heist #http #https #javascript

New attack steals SSNs, e-mail addresses, and more from HTTPS pages (ArsTechnica)

2016-08-03 16:34

#attack #http #https

Google's HSTS rollout: Forced HTTPS for google.com aims to help block attacks (ZDNet)

2016-08-01 14:01

#attack #google #hsts #http #https

WPAD Flaws Leak HTTPS URLs (Threatpost)

2016-08-01 13:00

Sniffing HTTPS URLs with malicious PAC files gets easier with a new technique that exploits flaws in the Web Proxy AutoDiscovery protocol.

#http #https #leak #threatpost #URL

Hackers Can Intercept HTTPS URLs via Proxy Attacks (SecurityWeek)

2016-07-29 10:31

#attack #hacker #http #https #proxy #securityweek #URL

New attack that cripples HTTPS crypto works on Macs, Windows, and Linux (ArsTechnica)

2016-07-26 17:46

#attack #crypto #http #https #linux #MAC #windows

HTTPS is not a magic bullet for Web security (ArsTechnica)

2016-07-11 12:44

#http #https #security #WEB

HTTPS crypto is on the brink of collapse. Google has a plan to fix it (ArsTechnica)

2016-07-08 21:44

#crypto #google #http #https

How to migrate to HTTPS using App Transport Security when developing iOS apps (TechRepublic)

2016-07-06 05:59

#http #https #IOS #security

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News