|
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
|
|
|
Source: SecurityPark - Posted by Alex
|
|
Alternative tokenless 2FA technologies may offer much greater levels of security, especially in light of the recent news that hackers have stolen data related to RSA secure tokens |
|
|
Source: H Security - Posted by Alex
|
|
According to Tor developer Jacob Appelbaum and a blog posting by the Mozilla Foundation, the Comodo SSL Certification Authority may have been compromised. As a consequence, criminals apparently obtained nine certificates for web sites that already existed, including addons.mozilla.org. |
|
|
Source: Information Week - Posted by Anthony Pell
|
|
API requests for Google Documents List, Google Spreadsheets, and Google Sites will be required to use secure sockets layer connections. |
|
|
Source: H Security - Posted by Alex
|
|
Vulnerabilities in implementations of the STARTTLS protocol for establishing an encrypted TLS connection could allow commands to be injected into a connection. According to a description by the discoverer of the problem, Postfix developer Wietse Venema, the key point is that commands are injected into the connection before it has been secured/encrypted, but are only executed once the secure connection has been established. |
|
|
Source: Tech News World - Posted by Anthony Pell
|
|
The most secure P2PE option is to replace existing payment terminals with newer hardware devices offering built-in encryption capabilities. With encryption at the read head, all mag stripe data is encrypted on the hardware terminal itself as soon as the consumer swipes his or her card. No readable data ever leaves the unit, eliminating the risk of theft as it traverses the merchant network. This strategy completely defuses the threat of online attacks. |
|
|
Source: Tech World - Posted by Alex
|
|
What's "pervasive memory scraping" and why is it considered by SANS Institute security researchers to be among the most dangerous attack techniques likely to be used in coming the coming year? |
|
|
Source: Network World - Posted by Alex
|
|
Florian Yanez, manager of technical systems for Helzberg Diamonds, is among those attending RSA Conference 2011. CSO recently caught up with him for a discussion on his company's efforts to adopt tokens as a way to address PCI DSS' rules on stored customer data. |
|
|
Source: Network World - Posted by Alex
|
|
Researchers have found a cheaper, faster way to process SSL/TLS with off-the-shelf hardware, a development that could let more Web sites shut down cyber threats posed by the likes of the Firesheep hijacking tool. |
|
|
Source: OpenBSD Tech - Posted by Alex
|
|
OpenSSH 5.7 has just been released. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support. Read on for a description of the improvements, including Elliptic Curve Cryptography, sftp performance improvements, and much more. |
|
|
Source: Tech News World - Posted by Anthony Pell
|
|
A hacker claims he's used Amazon's cloud services to bust open SHA-1, a wireless network security standard, and he says he'll be demonstrating his process at an upcoming Black Hat get-together. Malicious hackers could quickly set up brute-force attack systems using the cloud, but critics say real-world password cracks might not come so easily. |
|
|
<< Start < Prev 4 5 6 Next > End >>
|
| Results 31 - 40 of 996 |
