computer security

  • Cloudbleed investigation turns up a million leaks but no signs of exploitation

    Cloudbleed investigation turns up a million leaks but no signs of exploitation

    Since Cloudflare revealed a bug that caused random chunks of data to leak from customer websites, including Fitbit and OkCupid, the company has worked to determine the extent of the problem. It turns out that the vulnerability caused extensive leaks — which isn’t much of a surprise, given the sheer number of websites that use Cloudflare for its security and performance… Read More

  • Major Cloudflare bug leaked sensitive data from customers’ websites

    Major Cloudflare bug leaked sensitive data from customers’ websites

    Cloudflare revealed a serious bug in its software today that caused sensitive data like passwords, cookies, authentication tokens to spill in plaintext from its customers’ websites. The announcement is a major blow for the content delivery network, which offers enhanced security and performance for more than 5 million websites. This could have allowed anyone who noticed the error to… Read More

  • Trump’s hiring freeze is taking jobs away from cybersecurity students

    Trump’s hiring freeze is taking jobs away from cybersecurity students

    One of President Trump’s first moves in office was to order a sweeping hiring freeze across the federal government, preventing hiring for all jobs except for narrow exemptions in national security and the military. Although the executive order hasn’t stirred as much controversy has Trump’s more recent orders on immigration, it will have extensive consequences for… Read More

  • Yelp’s bug bounty improves security and attracts talent

    Yelp’s bug bounty improves security and attracts talent

    Since Yelp opened its bug bounty to the public six months ago, the company has paid out more than $17,000 to hackers who have discovered vulnerabilities in its products. But the bug bounty program doesn’t just improve security, Yelp executives say, but also helps attract security talent to join Yelp full-time. Bug bounty programs give hackers an avenue to report vulnerabilities to… Read More

  • Researchers simulate a ransomware attack on industrial controls

    Researchers simulate a ransomware attack on industrial controls

    Researchers at the Georgia Institute of Technology have created a form of ransomware that can hit us where it really counts: the water supply. Their program installed itself in a model water plant and allowed the researchers to change chlorine levels, shut down water valves, and send false readings to monitoring systems. “We are expecting ransomware to go one step farther, beyond the… Read More

  • Snap sees risks in Brexit, hacking and China’s Great Firewall

    Snap sees risks in Brexit, hacking and China’s Great Firewall

    Snapchat, which filed for its initial public offering today, sees potential risks to its business in cybersecurity and international regulation, particularly in China and the European Union. Security breaches — and the privacy concerns that follow — have already caused problems for Snapchat, according to its filing. The document refers to a CEO impersonation scam that occurred… Read More

  • Facebook challenges email for control of your online identity

    Facebook challenges email for control of your online identity

    Getting locked out of your account sucks. Almost everyone has experienced the frustration of forgetting a password, losing the phone on which they receive two-factor authentication codes, or jumbling the answer to a security question. But as exasperating as it is to lose access to your account, none of the widely-available measures for account recovery are very secure. Major breaches like… Read More

  • Facebook rolls out safer logins with a security key

    Facebook rolls out safer logins with a security key

    No one wants to hand over their account to a hacker. Today, Facebook is adding a new feature that will help protect users from getting their accounts compromised. Facebook users can now use a security key to authenticate their identity during the login process. If you use a security key, hackers won’t be able to get into your Facebook account, even if they have your username and… Read More

  • UK spy agency-backed cyber security incubator picks first seven startups

    UK spy agency-backed cyber security incubator picks first seven startups

    A GCHQ-backed startup incubator has opened its doors in the UK, announcing its first cohort of seven startups participating in the three month accelerator program (see below for the list of teams). Read More

  • Russian hacking team The Dukes targeting NGOs and think tanks after Trump victory

    Russian hacking team The Dukes targeting NGOs and think tanks after Trump victory

    According to Internet security team Volexity has detected an active spear-phishing effort by Russian hacker groups including Cozy Bear and the Dukes. The targeted phishing emails feature subject lines like “The “Shocking” Truth About Election Rigging” and a false “FYI” from the Clinton Foundation. You can read about the efforts on Volexity’s own site… Read More

  1. 1
  2. 2
  3. ...