The TURKTRUST SSL certificate fiasco - what really happened, and what happens...
Was the TURKTRUST SSL fiasco an abortive attempt at secret surveillance, or a blundering crisis of convenience? Paul Ducklin takes stock of the situation...
View ArticleTargeted malware attack piggybacks on Nvidia digital signature
Gabor Szappanos from SophosLabs takes a detailed examination of a targeted attack involving multiple stages and an innocent signed application - from the social engineering in the initial lure, to the...
View ArticleInside the "PlugX" malware with SophosLabs - a fascinating journey into a...
Join SophosLabs Principal Researcher Gabor Szappanos as he takes you on a fascinating journey into the latest "product" from the PlugX malware factory.
View ArticleRooting SIM cards - BlackHat speaker says he may be able to "own your phone"...
Mobile security researcher Karsten Nohl says he'll explain at the BlackHat conference how he can remotely "own" mobile phones with a single text message. Paul Ducklin looks at what Nohl has said so...
View ArticleAndroid "FakeID" security hole causes a pre-BlackHat stir
Seems that a rogue Android app can get more privileges than it deserves simply by saying that someone trustworthy has vouched for it. It's been dubbed the "FakeID" hole...
View ArticleMozilla fixes "phishing friendly" cryptographic bug in Firefox and Thunderbird
Mozilla just patched a bug in its cryptographic library, NSS. The bug is rated "critical" because it could permit skullduggery in apparently secure connections.
View ArticleMozilla bug throws Tor Browser users into chaos
A Mozilla bug has made everyone's Firefox addons 'untrustworthy' - including turning off the important NoScript security feature in Tor.
View ArticleCritical cryptographic Java security blunder patched – update now!
Either know the private key and use it scrupulously in your digital signature calculation.... or just send a bunch of zeros instead.
View Article
More Pages to Explore .....