Skip to content
SSL and internet security news

Informations about SSL certificates and networks security

Category: cybersecurity

Auto Added by WPeMatico

Securing Open-Source Software

Posted on July 27, 2022 By infossl
cybersecurity, infrastructure, open source, Security technology, Uncategorized

Good essay arguing that open-source software is a critical national-security asset and needs to be treated as such: Open source is at least as important to the economy, public services, and national security as proprietary code, but it lacks the same standards and safeguards. It bears the qualities of a public good and is as … Read More “Securing Open-Source Software” »

Apple’s Lockdown Mode

Posted on July 26, 2022 By infossl
apple, cybersecurity, ios, Security technology, Uncategorized, usability, vulnerabilities

I haven’t written about Apple’s Lockdown Mode yet, mostly because I haven’t delved into the details. This is how Apple describes it: Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most … Read More “Apple’s Lockdown Mode” »

When Security Locks You Out of Everything

Posted on June 28, 2022 By infossl
authentication, cybersecurity, passwords, Security technology, two-factor authentication, Uncategorized

Thought experiment story of someone who lost everything in a house fire, and now can’t log into anything: But to get into my cloud, I need my password and 2FA. And even if I could convince the cloud provider to bypass that and let me in, the backup is secured with a password which is … Read More “When Security Locks You Out of Everything” »

M1 Chip Vulnerability

Posted on June 15, 2022 By infossl
academic papers, apple, cybersecurity, hardware, malware, Security technology, Uncategorized, vulnerabilities

This is a new vulnerability against Apple’s M1 chip. Researchers say that it is unpatchable. Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory, however, have created a novel hardware attack, which combines memory corruption and speculative execution attacks to sidestep the security feature. The attack shows that pointer authentication can be defeated without leaving … Read More “M1 Chip Vulnerability” »

Security and Human Behavior (SHB) 2022

Posted on May 31, 2022 By infossl
conferences, cybersecurity, privacy, security conferences, Security technology, terrorism, Uncategorized

Today is the second day of the fifteenth Workshop on Security and Human Behavior, hosted by Ross Anderson and Alice Hutchings at the University of Cambridge. After two years of having this conference remotely on Zoom, it’s nice to be back together in person. SHB is a small, annual, invitational workshop of people studying various … Read More “Security and Human Behavior (SHB) 2022” »

The Justice Department Will No Longer Charge Security Researchers with Criminal Hacking

Posted on May 24, 2022 By infossl
courts, cybercrime, cybersecurity, national security policy, reverse engineering, Security technology, Uncategorized, vulnerabilities

Following a recent Supreme Court ruling, the Justice Department will no longer prosecute “good faith” security researchers with cybercrimes: The policy for the first time directs that good-faith security research should not be charged. Good faith security research means accessing a computer solely for purposes of good-faith testing, investigation, and/or correction of a security flaw … Read More “The Justice Department Will No Longer Charge Security Researchers with Criminal Hacking” »

Attacks on Managed Service Providers Expected to Increase

Posted on May 17, 2022 By infossl
advanced persistent threats, cybersecurity, infrastructure, national security policy, Security technology, Uncategorized

CISA, NSA, FBI, and similar organizations in the other Five Eyes countries are warning that attacks on MSPs — as a vector to their customers — are likely to increase. No details about what this prediction is based on. Makes sense, though. The SolarWinds attack was incredibly successful for the Russian SVR, and a blueprint … Read More “Attacks on Managed Service Providers Expected to Increase” »

Corporate Involvement in International Cybersecurity Treaties

Posted on May 6, 2022 By infossl
cybersecurity, national security policy, Security technology, Uncategorized

The Paris Call for Trust and Stability in Cyberspace is an initiative launched by French President Emmanuel Macron during the 2018 UNESCO’s Internet Governance Forum. It’s an attempt by the world’s governments to come together and create a set of international norms and standards for a reliable, trustworthy, safe, and secure Internet. It’s not an … Read More “Corporate Involvement in International Cybersecurity Treaties” »

US Critical Infrastructure Companies Will Have to Report When They Are Hacked

Posted on March 15, 2022 By infossl
cyberattack, cyberespionage, cybersecurity, defense, espionage, hacking, infrastructure, laws, ransomware, Security technology, Uncategorized

This will be law soon: Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. […] The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President … Read More “US Critical Infrastructure Companies Will Have to Report When They Are Hacked” »

Details of an NSA Hacking Operation

Posted on March 3, 2022 By infossl
cybersecurity, doxing, hacking, nsa, russia, Security technology, Uncategorized

Pangu Lab in China just published a report of a hacking operation by the Equation Group (aka the NSA). It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some Russian group). …the scope of victims exceeded 287 targets in 45 countries, including … Read More “Details of an NSA Hacking Operation” »

Posts navigation

1 2 … 14 Next
fr_FR

Recent Posts

  • Friday Squid Blogging: SQUID Acronym for Making Conscious Choices
  • Twitter Exposes Personal Information for 5.4 Million Accounts
  • A Taxonomy of Access Control
  • Hacking Starlink
  • NIST’s Post-Quantum Cryptography Standards

Tags

academicpapers aes authentication biometrics books cellphones censorship control courts dea deanonymization denialofservice disclosure eavesdropping edwardsnowden encryption espionage facebook fbi foia gchq geolocation hacking historyofsecurity impersonation implants intelligence lies metadata missioncreep nationalsecuritypolicy nsa phones printers privacy reputation schools secrecy socialmedia squid surveillance tracking tradecraft undercover whistleblowers

Categories

  • 3dprinters
  • 911
  • academic papers
  • academicpapers
  • accountability
  • aclu
  • activism
  • adobe
  • advanced persistent threats
  • advancedpersistentthreats
  • adware
  • aes
  • airgaps
  • airtravel
  • alarms
  • algorithms
  • alqaeda
  • amazon
  • android
  • anonymity
  • Anonymous
  • antivirus
  • apache
  • apple
  • appliedcryptography
  • artificial intelligence
  • artificialintelligence
  • assassinations
  • atms
  • att
  • attribution
  • audio
  • auditing
  • australia
  • authentication
  • authorization
  • automation
  • backdoors
  • backups
  • banking
  • baserate
  • behavioraldetection
  • Beyond Fear
  • beyondfear
  • bgp
  • biologicalwarfare
  • biometrics
  • bios
  • bitcoin
  • BitLocker
  • blackberry
  • blackmail
  • blockchain
  • bluetooth
  • bombs
  • books
  • borders
  • botnets
  • brazil
  • breaches
  • bribes
  • browsers
  • business of security
  • businessofsecurity
  • cameras
  • camouflage
  • canada
  • cars
  • casinos
  • cell phones
  • cellphones
  • censorship
  • certificates
  • certifications
  • ch2ke
  • cheating
  • chelseamanning
  • child pornography
  • childpornography
  • children
  • china
  • chipandpin
  • chrome
  • cia
  • cisco
  • Citizen Lab
  • citizenlab
  • cloning
  • cloud computing
  • cloudcomputing
  • co3systems
  • coastguard
  • colombia
  • complexity
  • compliance
  • computer security
  • computersecurity
  • concealment
  • conferences
  • cons
  • consumerization
  • contests
  • control
  • cookies
  • cooperation
  • copyright
  • costbenefitanalysis
  • courts
  • coverups
  • COVID-19
  • covid19
  • cracking
  • credentials
  • credit cards
  • creditcards
  • crime
  • crowdsourcing
  • cryptanalysis
  • crypto wars
  • cryptocurrency
  • cryptography
  • cryptome
  • cryptowars
  • cuba
  • cyberattack
  • cybercrime
  • cyberespionage
  • cybersecurity
  • cyberterrorism
  • cyberwar
  • cyberweapons
  • dark web
  • darkweb
  • darpa
  • Data and Goliath
  • data breaches
  • data collection
  • data destruction
  • data mining
  • data protection
  • dataandgoliath
  • databases
  • databreaches
  • datacollection
  • datadestruction
  • dataloss
  • datamining
  • dataprotection
  • dataretention
  • de-anonymization
  • dea
  • deaddrops
  • deanonymization
  • deception
  • deep fake
  • deepfake
  • defense
  • deniability
  • denial of service
  • denialofservice
  • departmentofdefense
  • dhs
  • disclosure
  • disguise
  • disinformation
  • dmca
  • dna
  • dns
  • doghouse
  • doxing
  • drm
  • drones
  • drugtrade
  • e-mail
  • eavesdropping
  • ebay
  • ebooks
  • economics of security
  • economicsofsecurity
  • Edward Snowden
  • edwardsnowden
  • eff
  • egypt
  • email
  • embeddedsystems
  • employment
  • encryption
  • enigma
  • EPIC
  • epidemiology
  • espionage
  • essays
  • estonia
  • eu
  • exploits
  • externalities
  • extortion
  • face recognition
  • facebook
  • facerecognition
  • fake news
  • fakenews
  • false positives
  • falsenegatives
  • falsepositives
  • fbi
  • fear
  • feudalsecurity
  • filesharing
  • filtering
  • fingerprints
  • firefox
  • firewall
  • firmware
  • fisa
  • foia
  • forensics
  • forgery
  • Fortuna
  • france
  • fraud
  • fsecure
  • ftc
  • g7
  • gambling
  • games
  • gametheory
  • gaming consoles
  • gchq
  • gdpr
  • generations
  • geolocation
  • germany
  • gmail
  • google
  • googleglass
  • gps
  • guns
  • hackback
  • hacking
  • hardware
  • hashes
  • healthcare
  • history of computing
  • history of cryptography
  • historyofcomputing
  • historyofcryptography
  • historyofsecurity
  • homelandsecurity
  • hotels
  • hp
  • https
  • human rights
  • humor
  • ibm
  • ics
  • idcards
  • identification
  • identitytheft
  • impersonation
  • implants
  • incentives
  • incidentresponse
  • india
  • infrastructure
  • inrupt
  • insiders
  • insurance
  • intel
  • intelligence
  • internet
  • Internet and society
  • Internet of Things
  • internetandsociety
  • internetexplorer
  • internetofthings
  • interviews
  • ios
  • iphone
  • iran
  • iraq
  • ireland
  • irs
  • isis
  • isps
  • israel
  • italy
  • jamming
  • japan
  • Juniper
  • kaspersky
  • kazakhstan
  • key logging
  • keyescrow
  • keylogging
  • keys
  • kidnapping
  • killswitch
  • law enforcement
  • lawenforcement
  • laws
  • leaks
  • lebanon
  • lenovo
  • liarsandoutliers
  • lies
  • linkedin
  • linux
  • locks
  • loopholes
  • lotteries
  • machine learning
  • machinelearning
  • mail
  • malware
  • maninthemiddleattacks
  • marketing
  • mcafee
  • md5
  • medicine
  • metadata
  • microsoft
  • military
  • mitigation
  • monoculture
  • movieplotthreats
  • mozilla
  • music
  • national security policy
  • nationalism
  • nationalsecurityletters
  • nationalsecuritypolicy
  • naturalsecurity
  • networksecurity
  • Nigeria
  • nist
  • Non classé
  • North Korea
  • northkorea
  • norway
  • nsa
  • obscurity
  • onetimepads
  • open source
  • opensource
  • operating systems
  • operatingsystems
  • operational security
  • operationalsecurity
  • overreactions
  • pakistan
  • Password Safe
  • passwords
  • passwordsafe
  • patching
  • patents
  • patriotact
  • paypal
  • penetration testing
  • penetrationtesting
  • pgp
  • phishing
  • phones
  • photos
  • physical security
  • physicalsecurity
  • pins
  • plagiarism
  • point of sale
  • pointofsale
  • police
  • policy
  • pornography
  • power
  • press
  • printers
  • prison escapes
  • prisons
  • privacy
  • privilege escalation
  • programming
  • propaganda
  • protocols
  • pseudonymity
  • psychology of security
  • psychologyofsecurity
  • public interest
  • publicinterest
  • publictransit
  • qatar
  • quantum computing
  • quantum cryptography
  • quantumcomputing
  • quantumcryptography
  • random numbers
  • randomnumbers
  • ransomware
  • redaction
  • replayattacks
  • reports
  • reputation
  • resilience
  • resilientsystems
  • restaurants
  • retail
  • reverse engineering
  • reverseengineering
  • rfid
  • risk assessment
  • riskassessment
  • risks
  • robbery
  • robotics
  • rootkits
  • rsa
  • russia
  • sabotage
  • Safari
  • safes
  • samsung
  • saudiarabia
  • scada
  • scams
  • scanners
  • Schneier news
  • schneiernews
  • schneierslaw
  • schools
  • sciencefiction
  • search engines
  • searches
  • secrecy
  • secretsharing
  • security analysis
  • security conferences
  • security education
  • security engineering
  • security standards
  • Security technology
  • security theater
  • securityanalysis
  • securityawareness
  • securityconferences
  • securityeducation
  • securityengineering
  • securitymindset
  • securitymonitoring
  • securitypolicies
  • securityquestions
  • securitystandards
  • securitytheater
  • securitytokens
  • sensors
  • sha1
  • side-channel attacks
  • sidechannelattacks
  • signal
  • signatures
  • SIM cards
  • simcards
  • skimmers
  • skype
  • smart cards
  • smartcards
  • smartphones
  • sms
  • smuggling
  • snakeoil
  • social engineering
  • social media
  • socialengineering
  • socialmedia
  • societalsecurity
  • softwareliability
  • sony
  • southkorea
  • spain
  • spam
  • spoofing
  • sports
  • spyware
  • sqlinjection
  • squid
  • ss7
  • ssh
  • ssl
  • stalking
  • steganography
  • stuxnet
  • supply chain
  • supplychain
  • surveillance
  • sweden
  • switzerland
  • symantec
  • syria
  • T-Mobile
  • tamper detection
  • tamperdetection
  • taxonomies
  • telegram
  • television
  • tempest
  • termsofservice
  • terrorism
  • Thailand
  • theft
  • threat models
  • threatalerts
  • threatmodels
  • tls
  • tor
  • torture
  • tpm
  • tracing
  • tracking
  • tradecraft
  • traffic analysis
  • trafficanalysis
  • transparency
  • transportation
  • trust
  • tsa
  • turkey
  • twitter
  • two-factor authentication
  • twofactorauthentication
  • twofish
  • uae
  • uber
  • uk
  • ukraine
  • un
  • Uncategorized
  • undercover
  • unitedarabemirates
  • usability
  • usb
  • usps
  • utilities
  • uzbekistan
  • verisign
  • verizon
  • video
  • videoconferencing
  • videos
  • violence
  • voice recognition
  • voicerecognition
  • voip
  • voting
  • vpn
  • vulnerabilities
  • war
  • war on the unexpected
  • warontheunexpected
  • watchlists
  • weapons
  • web
  • web privacy
  • webprivacy
  • whatsapp
  • whistleblowers
  • Wi-Fi
  • wifi
  • wikileaks
  • windows
  • wireless
  • yahoo
  • zero-day
  • zeroday

Archives

  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014

Copyright © 2022 SSL and internet security news.

Theme: Oceanly by ScriptsTown