Techmeme

Results 1 - 10 of about 54:

Dennis Fisher / Threatpost:
FTC Settles With Fandango, Credit Karma Over SSL Issues in Mobile Apps   —  The makers of two major mobile apps, Fandango and Credit Karma, have settled with the Federal Trade Commission after the commission charged that they deliberately misrepresented the security of their apps and failed to validate SSL certificates.
Mar 28, 2014, 7:30 PMIn context
Dennis Fisher / Threatpost:
Full Disclosure Security Mailing List Shuts Down   —  The Full Disclosure security mailing list, which has been one of the main discussion forums for vulnerability and exploit information for 12 years, is shutting down because “'one of our own' would undermine the efforts of the last 12 years”, one of the creators said.
Mar 19, 2014, 5:50 PMIn context
Michael Mimoso / Threatpost:
RSA's Coviello Calls for Global Surveillance Reforms, Enhanced Privacy Protection   —  SAN FRANCISCO - RSA Security executive chairman Art Coviello today at RSA Conference 2014 made his first public comments about the security company's relationship with the National Security Agency …
Feb 25, 2014, 5:15 PMIn context
Dennis Fisher / Threatpost:
Bruce Schneier Joins Startup Co3 Systems   —  UPDATE-Bruce Schneier, the famed cryptographer and author who recently left his longtime post at BT, has taken a new position as CTO of Co3 Systems, a startup that provides incident response systems.  Schneier, a central figure in the security industry …
Jan 7, 2014, 7:40 AMIn context
Dennis Fisher / Threatpost:
Stanford Researchers Find Connecting Metadata With User Names is Simple   —  One of the key tenets of the argument that the National Security Agency and some lawmakers have constructed to justify the agency's collection of phone metadata is that the information it's collecting …
Dec 24, 2013, 10:55 AMIn context
Michael Mimoso / Threatpost:
Microsoft To Patch TIFF Zero Day; Wait Til Next Year for XP Zero Day Fix   —  Microsoft will, next week, patch a zero-day vulnerability in its GDI+ graphics component being exploited in targeted attacks in the Middle East and Asia.  —  The zero day has sat unpatched since it was made public Nov. 5 …
Dec 6, 2013, 12:50 AMIn context
Chris Brook / Threatpost:
Nearly 2000 Sites Vulnerable to Ruby on Rails Cookie Problem   —  A lingering security issue in Ruby on Rails that stems from a setting in the framework's cookie-based storage mechanism is still present in almost 2,000 websites.  —  Sites using an old version of Ruby on Rails that relies on CookieStore …
Nov 27, 2013, 9:55 AMIn context
Michael Mimoso / Threatpost:
Google Completes Upgrade of its SSL Certificates to 2048-Bit RSA   —  Google announced today that it has completed the upgrade of all its SSL certificates to 2048-bit RSA or better, coming in more than a month ahead of schedule.  —  “We have completed this process which will allow the industry …
Nov 18, 2013, 10:55 PMIn context
Dennis Fisher / Threatpost:
Microsoft warns customers away from SHA-1 and RC4   —  The RC4 and SHA-1 algorithms have taken a lot of hits in recent years, with new attacks popping up on a regular basis.  Many security experts and cryptographers have been recommending that vendors begin phasing the two out …
Nov 13, 2013, 6:15 PMIn context
Dennis Fisher / Threatpost:
Silent Circle Moving Away From NIST Ciphers in Wake of NSA Revelations   —  The first major domino to fall in the crypto world after the NSA leaks by Edward Snowden began was the decision by Lavabit, a secure email provider, to shut down in August rather than comply with a government order.
Sep 30, 2013, 1:30 PMIn context

Sponsor Posts

Microsoft:
Project aims to help parents protect - and connect with - their kids  —  One hackathon team from Microsoft's //oneweek focuses on family safety and aims to give parents an easy way to understand their children's lives online.
Freshdesk:
How to not sound like a robot in your email notifications?  —  Your notifications don't have to be just notifications.  They can be another opportunity to charm your customers and to keep them hooked.  Learn how.
VMware:
The Best Thing for Your Data Center since vSphere  —  It's come to our attention that some folks are less than certain about the differences between vSphere and vSphere with Operations Management.  Let's clear things up:
Zoho:
Customer Spotlight: How One Company Went from No CRM to Zoho CRM Power Users  —  “We had evolved our CRM from spreadsheets, to Goldmine CRM and finally to ACT CRM, but we knew we needed to move to a native cloud-based CRM”
Pure Storage:
2014: Pure, EMC, HP, and Violin all Up Their Games  —  The past few months have seen bold announcements from EMC, HP, Violin, and of course Pure Storage, the net result of which is that the market has changed and moved forward appreciably.