GOODBYE, BIEBER? BUG CAN MAKE ANY YOUTUBE VIDEO GO AWAY

Imagine, there you are, watching your latest favorite cat video, or delighting again in Justin Bieber's merciless roasting. Then all of a sudden, poof—it disappears....
INFOSECURITY MAGAZINE
READ MORE

GOOGLE TRIALS PASSWORD-FREE SIGN-IN

Google has confirmed that it’s testing a password-free way to sign into a Google account. The approach allows users to authenticate by responding to a notification sent to their smartphones. It’s no secret that passwords are the weak link when it comes to account security, with poor hygiene, credentials theft and hacker tools for brute-forcing accounts all conspiring to make them ineffectual enough to need back-up with another authentication form. In fact, a recent CompTIA survey sho...
INFOSECURITY MAGAZINE
READ MORE

SECURITY THIS WEEK: THE GOVERNMENT REALLY DOESN’T SEEM TO LIKE ENCRYPTION

THIS WEEK, ANDY Greenberg and Gwern Branwen uncovered the probable identity of Bitcoin creator Satoshi Nakamoto—but then again, he might be a hoaxer. We took a look at malvertising, the hack that can infect your computer even if you don’t click anything. And Anonymous announced it’s launching an online operation against national embarrassment/presidential candidate Donald Trump. The Tor Project got a new executive director, who knows a thing or two about defending digital privacy. And meanwhile,...
WIRED
READ MORE

AT BLACK HAT, HOTTEST CYBER PRODUCT DIDN’T HAVE A BOOTH

Ah, Vegas in August. 100-degree heat, pool parties, and thousands upon thousands of hackers. Every summer the cybersecurity world takes over Sin City for a week. Black Hat, growing ever more corporate and responsible, is paid for on expense accounts. DEF CON? Well DEF CON is paid with cash at the door....
CFR
READ MORE

CERTIFICATE AUTHORITIES AIM TO IMPROVE IDENTITY ASSURANCE

A group of leading SSL/TLS Certificate Authorities are working on the London Protocol effort to figure out what's needed to improve certificate identity assurance. The Certificate Authority Security Council (CASC) announced a new effort dubbed the "London Protocol" on June 27 in a bid to help improve identity assurance for web security certificates. The London Protocol benefits from the support of multiple Certificate Authority (CA) vendors, including Comodo CA, Entrust Datacard, G...
EWEEK
READ MORE

NEW NETSPECTRE-CLASS ATTACK RAISES DEVICE-HARDENING CONCERN

A new type of NetSpectre attack requires no malware or malicious JavaScript, because it instead attacks victims through network connections, according to researchers at Graz University of Technology. Four scientists at the university have published findings on a new type of Spectre attack in a paper entitled NetSpectre: Read Arbitrary Memory over Network. The paper details a new CPU attack that can be carried out via network connections and does not require the attacker to host code on a targete...
INFOSECURITY MAGAZINE
READ MORE