Home · Security

Internet users advised to change passwords due to 'Heartbleed' bug

Following the discovery of a major bug known as "Heartbleed," Tumblr has sent out a note encouraging users to change the passwords for all of their online accounts immediately.

The Heartbleed bug makes it possible for hackers to retrieve code from websites and other online services that would give them access to other information, including user data and passwords. The bug affects services that use the widely popular OpenSSL security library.

OpenSSL is the technology that secures websites that use HTTPS encryption to keep data protected. Users might recognize this from the URL of many of the websites that they use on a regular basis.

"The little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit," Tumblr said. More...

04-09-2014 02:03

Target, security auditor Trustwave are sued over data breach

(Reuters) - Target Corp and Trustwave Holdings Inc, which provides credit card security services, have been sued by two banks for "monumental" losses they say card issuers will face because of the retailer's holiday season data breach.

In a complaint filed on Monday in Chicago federal court, Trustmark National Bank and Green Bank NA accused the defendants of failing to properly secure customer data, enabling the theft of about 40 million payment card records plus 70 million other records, including addresses and phone numbers.

The banks said they lost money from alerting customers to the breach, reimbursing fraudulent charges and reissuing cards. These losses could increase, they said, if criminals ultimately use several million stolen cards as some analysts project. More...

03-27-2014 07:02

Is no browser safe? Security bods poke holes in Chrome, Safari, IE, Firefox and earn $1m

The Pwn2Own and Pwnium hacking contests at the annual CanSecWest conference in Vancouver have earned security researchers over a million dollars in prizes, exposed 34 serious zero-day flaws in popular code, and earned over $82,000 for the Canadian Red Cross.

In each of the Pwn2Own and Pwnium competitions, contestants are challenged to exploit vulnerabilities in supposedly secure software to execute malicious code – and walk away with cash if their attacks are successfully demonstrated on stage. The techniques used to own a program are privately disclosed so that the bugs can hopefully be fixed.

HP TippingPoint's Pwn2Own competition netted researchers $850,000 as all the major browsers – Chrome, Safari, Internet Explorer and Firefox – fell to attacks within the 30-minute timeframe for each, along with Flash. Only Java held up to the time-limited attacks, although researchers attempting to crack Oracle's code did come up with some interesting techniques that just took too long. More...

03-16-2014 17:24

<< First < Previous [1 / 37] Next > Last >>