Yahoo Explains Cookie Forgery Related To Two 2016 Breaches
Yahoo’s recent update on forged cookies is in relation to two, not three, security breaches announced last year. Yahoo has provided further clarification on the cookie forging activity related to data breaches disclosed in September and December of last year.
Explained: Bayesian spam filtering
Bayesian spam filtering is based on Bayes rule, a statistical theorem that gives you the probability of an event. In Bayesian filtering it is used to give you the probability that a certain email is spam. Named after the statistician Rev. Thomas Bayes who provided an equation that basically allows new information to update the…
High Severity Flaw Patched in OpenSSL 1.1.0
A high severity denial-of-service (DoS) vulnerability was patched on Thursday in OpenSSL with the release of version 1.1.0e. The flaw, tracked as CVE-2017-3733, has been described as an “Encrypt-Then-Mac renegotiation crash.” The security hole, reported by Joe Orton of Red Hat on January 31, does not affect OpenSSL 1.0.2.
The Era Of Data-Jacking Is Here. Are You Ready?
As data in the cloud becomes more valuable, the cost of weak security will soon be higher than many organizations can bear. Here’s why. The past few months have seen a deluge of attacks on database deployments in production environments. Victor Gevers, an ethical hacker and founder of GDI Foundation, broke news about attacks on…
Android for cars: Secure connection?
Fast-forward 17 years and there are apps for everything — even your car. Chances are, if an app might make part of your life easier, someone will develop it and plenty of people will use it. Over the past few years, the concept of the connected car has continued to evolve — and become reality….
IDG Contributor Network: Who makes better cybersecurity decisions, men or women?
Unfortunately, it’s very common to assume that when women are stressed they are more emotional or that they rely more heavily on intuition or hunches. (If you agree with this notion, spoiler alert – you are wrong…. LOL. Then you’re probably going to rely more heavily on men, not women, in high pressure, high risk…
US legislation revived to curb warrantless geolocation tracking
U.S. legislators have reintroduced bills that would place curbs on warrantless access by the government to electronically generated geolocation information of Americans, including on the use of cell-site simulators that can capture cellphone data. Bicameral legislation introduced Wednesday, called the Geolocation Privacy and Surveillance Act, aims to create clear rules for when law enforcement agencies…
What happens if your thermostat is hacked? Researchers name the top 7 security threats
What happens if a bad actor turns off your heat in the middle of winter, then demands $1,000 to turn it back on? Or even holds a small city’s power for ransom? Those kinds of attacks were among the top threats that security experts worried about at the RSA security conference this week. While consumers…
Bruce Schneier: Public-service technologists are needed to tame the IoT
The internet of things needs to be regulated and soon before it becomes even more of a tool to facilitate cyberattacks, and that means coming up with civic-minded technologists to help formulate government policies, security expert Bruce Schneier told an RSA Conference 2017 audience. The problem is governments lack the technological expertise to understand the…
Yahoo Notifies Users of Sophisticated Breach Methods
Yahoo said Wednesday it was notifying some users that hackers may have been able to use a maneuver to break into their accounts without stealing passwords. The latest notifications were in response to the record breach disclosed late last year affecting an estimated one billion users — which involved forging of “cookies” or files used…