January 25, 2012 Added by:PCI Guru
Regardless of the algorithm used, they are not perfect. Over time, encryption algorithms are likely to be shown to have flaws or be breakable. Some flaws may be annoyances that you can work around or you may have to accept some minimal risk of their continued use...
January 23, 2012 Added by:Javvad Malik
I assumed that senior technology managers would have half a clue about technology. I have thought long and hard about this and think the easiest way to explain this would be to replace the word encryption with witchcraft. It too is misunderstood by the masses...
January 03, 2012 Added by:Electronic Frontier Foundation
At EFF we are big fans of HTTPS, the secure version of HTTP that allows for private conversations between websites and users who are browsing them. Though we've known that this system has been flawed for a while now, last year there were two attacks that acutely demonstrated just how brittle it is...
December 31, 2011 Added by:Larry Karisny
Curt Massey spent a 35-year career protecting our national security. His military service, civilian law enforcement, corporate security and military contracting experiences have imbued him with the unpleasant knowledge of our core vulnerabilities and a visceral drive to build a team capable of finding answers...
December 20, 2011 Added by:Headlines
"The primary goal of these Requirements is to enable efficient and secure electronic communication, while addressing user concerns about the trustworthiness of Certificates. The Requirements also serve to inform users and help them to make informed decisions when relying on Certificates..."
December 19, 2011 Added by:Kanguru Solutions
Adding encryption is a relatively easy and cost effective way to secure your organizations data without adding significant cost or complexity. For organizations dealing with confidential information (healthcare, banking, government) it should be mandatory...
December 06, 2011 Added by:Headlines
"The Diginotar attack was an attack on the foundations of secure electronic communications (email, web browsing, web services). The above-mentioned issues should be addressed by industry and governments, to guarantee the security of service in the digital society..."
November 01, 2011
An in-depth examination of the current problems with authenticity in SSL, some of the recent high-profile SSL infrastructure attacks in detail, and some strategies to definitively fix the disintegrating trust relationships at the core of this fundamental protocol...
October 13, 2011 Added by:Jonathan Lampe
File transfer utilities copy files from point A to point B and many even use point-to-point transport technologies such as SSL/TLS or SSH. However, transport-level level encryption is rarely enough to provide the assurance required to comply with regulations, expectations or company policies...
September 29, 2011 Added by:f8lerror
September 29, 2011 Added by:Kanguru Solutions
Flash drives have revolutionized the business world with their convenience and portability. However, for infosec professionals, flash drives are a dual edged sword. If lost or stolen, a single unencrypted flash drive has the potential to cause a costly data breach...
September 28, 2011 Added by:Headlines
"If the user closes all existing HTTP tabs and untrusted HTTPS tabs, then browses to the trusted HTTPS site... and logs out of that HTTPS session before browsing any other HTTP sites or untrusted HTTPS sites, the user will NOT be at risk for this attack..."
September 20, 2011 Added by:Headlines
Security provider Barracuda Networks has warned of a spamming campaign targeting Royal Bank of Canada customers. The spam messages falsely notify users that their SSL certificate has expired, and that in order to continue using online banking services they are required to update the certificate...
September 16, 2011 Added by:Headlines
"An unauthorized third party (hacker) has been active on the CA server that is used for issuing qualified certificates... The integrity of the data on the [DigiNotar] server that is used for production and issuance of qualified certificates is therefore impossible to guarantee..."
September 16, 2011 Added by:Emmett Jorgensen
There are variables at work that often require security measures above and beyond encryption. The confidentiality of the data you are working with, state, federal and industry regulations, user habits, platforms and more all factor into the security measures needed to safeguard your data...
Why Enterprises Are Struggling So Much with ... Eric Kronthal on 03-07-2014
Making Sense of Split Tunneling ... nat ravitz on 03-07-2014
Patching WordPress Username Disclosure... Neo on 03-07-2014