A whole lot of work rolling out HTTP security is being undermined by bad browser implementation that facilitates man-in-the-middle attacks.
CERT has warned that all of the major browser vendors have a basic implementation error that mean “cookies set via HTTP requests may allow a remote attacker to bypass HTTPS and reveal private session information”.
The Obama administration reiterated that financial sanctions against China were “on the table” over alleged cyber-attacks on Thursday as President Xi Jinping of China arrived in Washington for the first time.
Obama, who will dine with Xi on Thursday night, is expected to address hacking concerns, notably the disastrous breach of the Office of Personnel Management (OPM), which exposed the personal information (including psychiatric evaluations and background checks) of some 21.5 million current, former and prospective federal workers.
Uber is attempting to squash the use of hacked customer accounts that have most likely been sold on the dark web and are currently being used in China.
Several Uber customers tweeted that their Uber app notified them that they had recently taken a Uber ride in China, when in fact they were nowhere near that country, according to Motherboard.
It’s not a trend that gamers are especially ecstatic about, but in-app purchases (IAP) have become a major element of mobile gaming. It’s how many of the biggest games on the App Store stay afloat, but earlier this week, the developers at DigiDNA discovered a coding flaw that could allow hackers to steal thousands of dollars worth of IAP from popular games.
It's a question that occurs to many of us: if digital security is such a minefield, how do you keep your personal data safe?
One person who knows about the risks is Adam Langley. As a security engineer at Google, he makes key decisions about how your data is spread around the internet. He also has access to systems that would have hackers salivating.
So how does Adam make sure he's not taken for a ride? Not how you'd think. Speaking at a conference at CloudFlare headquarters in San Francisco, he outlined his strategy.