More than 11 million HTTPS websites imperiled by new decryption attack
More than 11 million websites and e-mail services protected by the transport layer security protocol are vulnerable to a newly discovered, low-cost attack that decrypts sensitive communications in a matter of hours and in some cases almost immediately, an international team of researchers warned Tuesday. More than 81,000 of the top 1 million most popular Web properties are among the vulnerable HTT
DROWN Attack
Operators of vulnerable servers need to take action. There is nothing practical that browsers or end-users can do on their own to protect against this attack. Is my site vulnerable? Modern servers and clients use the TLS encryption protocol. However, due to misconfigurations, many servers also still support SSLv2, a 1990s-era predecessor to TLS. This support did not matter in practice, since no up
San Bernardino Survivor's Husband To Judge: Terrorist iPhone “Unlikely” To Hold Valuable Information
Engineering Heap Overflow Exploits with JavaScript
Stay up to date on the latest research and industry trends. Sign up for our newsletter
N.Y. judge backs Apple in encryption fight with government
(Reuters) - The U.S. government cannot force Apple Inc AAPL.O to unlock an iPhone in a New York drug case, a federal judge in Brooklyn said on Monday, a ruling that bolsters the company's arguments in its landmark legal showdown with the Justice Department over encryption and privacy. 3D printed Apple logo are seen in front of a displayed cyber code in this illustration taken February 26, 2016. RE
Apple prevails in forced iPhone unlock case in New York court
A judge in New York ruled Monday in favor of Apple in a case where investigators wanted the court to compel the company to unlock a seized iPhone 5S running iOS 7, which the company does have the ability to unlock. This case involves a drug dealer who has already pleaded guilty. It pre-dates Apple’s current battle with the government over a locked iPhone 5C that belonged to one of the shooters in
A tale of a DNS exploit: CVE-2015-7547
This post was written by Marek Vavruša and Jaime Cochran, who found out they were both independently working on the same glibc vulnerability attack vectors at 3am last Tuesday. A buffer overflow error in GNU libc DNS stub resolver code was announced last week as CVE-2015-7547. While it doesn't have any nickname yet (last year's Ghost was more catchy), it is potentially disastrous as it affects any
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Attack of the week: DROWN
Internet Infrastructure Review(IIR)Vol.30 | セキュリティ・技術レポート | IIJ
Having The Security Rug Pulled Out From Under You - Akamai Security Intelligence and Threat Research Blog
House Judiciary Committee
Another Day, Another Hack: Hacker Claims to Have Sold 27M Mate1.com Passwords
Judge Says Apple Doesn't Have to Unlock iPhone in Case Similar to San Bernardino
Judge rules in favor of Apple in key case involving a locked iPhone
Apple Wins Major Court Victory Against FBI in a Case Similar to San Bernardino
NY Judge Rules In Favor Of Apple In Government Request For iPhone Data
【海外セキュリティ】攻撃者の「実態」に関する調査/セキュリティ担当者にかかるプレッシャー 