EU to launch bug bounties for 14 open source projects
Europe stumps up cash for bug bounties to secure over a dozen popular open source projects.
Europe stumps up cash for bug bounties to secure over a dozen popular open source projects.
Revelations that a massive database of deidentified Medicare data could be reverse-engineered led to the data set's pulling from the Internet even as Telstra Health faced accusations that it couldn't possibly resist the temptation to do bad things with sensitive health information after it was awarded a major health-information consolidation tender.
David Braue | 04 Oct | Read more
The OpenSSL cryptographic library is widely used to protect communications between web servers and clients, such as browsers and apps, on the internet. Few consumers knowingly use the software, but it is important enough for Google’s July ban on Android apps in Google Play that used outdated versions of OpenSSL.
Claims that we're all vulnerable to targeting by cybercriminals have become part of conventional wisdom, but one security expert believes there's a way to keep yourself off the radar.
David Braue | 09 May | Read more
Investigations into the breach of toy maker VTech – which admitted the attack had affected 6.4 million children's accounts – revealed that hackers had stolen photos of children and their parents, compounding a data breach that is already being ranked among the worst of the year.
David Braue | 07 Dec | Read more
Apple has made iOS 9 generally available to the public and the update rolling out across the globe will probably be one worth installing if not for new features then at least for the security fixes.
The OpenSSL project has released several patches for moderate flaws, including an additional defense against the Logjam vulnerability revealed last month.
Jeremy Kirk | 12 Jun | Read more
New versions of OpenSSL will be released on Thursday to patch several security vulnerabilities, one of which is considered highly serious, according to the OpenSSL Project Team.
Jeremy Kirk | 17 Mar | Read more
Cisco has flagged a monster security update for dozens of Cisco security products affected by eight OpenSSL flaws, including the FREAK SSL/TLS bug.
Adobe has joined a bug disclosure program that invites researchers to report new flaws in its web applications. What can hackers expect for their work? Not a cash bounty.
The OpenSSL project has kicked off the new year with fixes for handful of bugs that fortunately are not as disastrous as Heartbleed or POODLE.
Every year, our inboxes get hit with a flood of press releases and announcements with predictions for the next year. Well, we're into November and the predictions for infosec in 2015 have started arriving.
Anthony Caruana | 14 Nov | Read more
Despite a spate of high-profile security attacks, the number of new security vulnerabilities is expected to decline this year for the first time since 2011, according to the latest figures from IBM's X-Force managed security team.
David Braue | 03 Sep | Read more
Increasingly high-profile security attacks – most recently, a data breach at US restaurant chain PF Chang that was attributed to a 'highly sophisticated criminal operation' even as gangs hit more businesses through remote accounts – were kindling interest in encryption and other less high-profile technologies amongst high-level executives, by some accounts.
David Braue | 08 Jul | Read more
This year has been the best of times and the worst of times for open source code and security.
Maria Korolov | 02 Jul | Read more