Mike Mimoso and Chris Brook recap the news of the week, including the Badlock bust, encryption legislation, and cryptoworm ransomware. Mike also discusses last week’s Infiltrate Con.
Tag Archives: Government
Burr-Feinstein Anti-Crypto Bill Slammed by Critics
Security and privacy advocates, along with IT business leaders, slam the Burr-Feinstein bill as misguided and detrimental to encryption.
Defenders Need to Embrace Offensive Security Skillsets
Endgame Inc., CEO Nate Fick told the Infiltrate Conference on Thursday that bringing an offensive security approach to enterprise defense is the key to future success.
WhatsApp Encryption A Good Start, But Far From a Security Cure-all
Security experts cheer WhatsApp for making end-to-end encryption available to one billion consumers, but say more work needs to be done to protect digital communications.
WhatsApp Adds End-to-End Encryption To One Billion Users
Move over Apple, WhatsApp with one billion users takes center stage in encryption debate.
APT Attackers Flying More False Flags Than Ever
Investigators continue to focus on attack attribution, but Kaspersky researchers speaking at CanSecWest 2016 caution that attackers are manipulating data used to tie attacks to perpetrators.
Threatpost News Wrap, March 4, 2016
Mike Mimoso and Chris Brook recap RSA 2016, the pervasiveness of the FBI vs. Apple debate, OpenSSL two years after Heartbleed, and why hacking back is always a bad idea.
Threatpost News Wrap, January 29, 2016
Mike Mimoso and Chris Brook discuss the news of the week, including the latest on the BlackEnergy APT Group, Amazon getting into the SSL certificate game, and government agencies being told to audit their systems for the Juniper backdoor.
Questions Linger as Juniper Removes Backdoored Dual_EC RNG
Juniper Networks has removed the backdoored Dual_EC DRBG algorithm from its ScreenOS operating system, but new developments show Juniper deployed Dual_EC long after it was known to be backdoored.
Oracle Settles with FTC Over ‘Deceptive’ Java Security Updates
Oracle will be required to provide users with a mechanism to uninstall older and vulnerable versions of Java, following a settlement with the Federal Trade Commission.