Browsing: News & Analysis

The maintainers of Ruby have fixed a serious flaw in its SSL client that could have allowed an attacker to conduct man-in-the-middle attacks by spoofing an SSL server.

The notorious RedHack collective has breached another major website of the Turkish government, the one of the Istanbul Special Provincial Administration (ioi.gov.tr).

Lord Leveson was yesterday called to appear before MPs – amid growing anger at his failure to reveal widespread phone-hacking by big business.

Providers and analysts claim confusion reigns supreme, but government bodies beg to differ

As cybercrime expands and evolves, a new study categorizes and describes the top five threats: data breaches, malware, DDoS, mobile threats and the industrialization of fraud – and they’re all interrelated.

Initially Edward Snowden served as a legitimate whistleblower — he published the first concrete evidence of the NSA’s domestic surveillance apparatus, corroborating claims made by previous whistleblowers and raising serious questions about the constitutionality of the NSA running a widespread, warrantless domestic dragnet with weak oversight.

Companies like Facebook have been scrutinized by government regulators over the use of facial recognition technology. Now the Electronic Frontier Foundation is putting a mirror up to the government to demand the same scrutiny back.

Not one of 21 Western Australian agencies audited by the state’s auditor general has been able to meet the international 27002 standard for information security.

A mobile developer has discovered what he claims is a security vulnerability in the Facebook Graph Search that allowed him to automate the compilation of a list of some 2.5 million phone numbers

SYN reflection attacks are one of the more sophisticated DDoS attack methods and typically require some skill to execute. However, they have recently grown in popularity as they’ve become available on a DDoS-as-a-Service basis via the criminal underground.