Microsoft has issued an emergency fix for a vulnerability in Windows Kerberos that is being exploited via in-the-wild attacks. Attackers can leverage the flaw to gain all-access rights to anything inside an Active Directory Domain, experts warn.
Microsoft has issued a patch to correct a critical vulnerability in Schannel, which encrypts transactions on most Windows platforms. The bug is "concerning" for organizations running the service, some experts say, comparing it to the Heartbleed flaw.
The new director of Britain's eavesdropping agency, GCHQ, has blasted U.S. technology firms, arguing that - intentionally or not - they're "the command-and-control networks of choice for terrorists and criminals."
Drawing on networking protocols designed to support NASA's interplanetary missions, two researchers have created a networking system that's designed to transmit information securely and reliably in even the worst conditions, such as in an Ebola hot zone.
FBI Director James Comey says he wants Congress to update a 20-year-old law to give law enforcement authorities access to the encrypted data of suspected criminals.
Security experts urge organizations to disable support for SSL on clients and servers because of flaws in the cryptographic protocol that could be used to impersonate website users and decrypt HTTPS traffic.
Home Depot says an estimated 56 million payment cards were exposed in a data breach at its U.S. and Canadian stores. The retailer says an investigation revealed the breach involved custom-built malware not used in other cyber-attacks.
Millions of user credentials are breached regularly - whether we hear of the incidents or not. So, why do we continue to rely on passwords? Derek Manky of Fortinet discusses authentication and data retention.
The National Institute of Standards and Technology should use the cryptographic community to help vet the advice it gets from the National Security Agency when creating cryptography guidance, a panel of prominent experts recommends.
The OpenSSL Project is receiving new funding to support its operations following the Heartbleed exploit that exposed a flaw in the cryptographic tool that's used to provide communications security and privacy online.
A group of noted cryptographers, academics and business leaders will provide an independent assessment of the way the National Institute of Standards and Technology develops cryptographic standards and guidelines.
With the news that several large technology companies are going to assist in funding critical open source projects such as OpenSSL following the Heartbleed exploit, security experts weigh in on the move.
A draft of revised guidance from NIST drops a cryptographic algorithm the NSA is said to have used to circumvent encryption that shields much of global commerce, banking systems, medical records and Internet communications.
Three years ago, trust on the Internet - or the lack thereof - focused, in part, on the faceless hacking groups such as Anonymous and LulzSec. Today, we have a face for this lack of trust, and it looks a lot like Uncle Sam and a Chinese Red Army cybersoldier.
Tech companies continue to respond to the Heartbleed vulnerability by issuing alerts and patches to mitigate potential data compromises. Learn the latest advice from Trend Micro and ICSA Labs, plus updates from Rackspace, Akamai and Bitcoin.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.