Tag: Second | Page 8

Second HTTPS snooping flaw breaks security for thousands of iOS apps

April 27, 2015/in Computer Security

Attackers can potentially snoop on the encrypted traffic of over 25,000 iOS applications due to a vulnerability in a popular open-source networking library.

The vulnerability stems from a failure to validate the domain names of digital certificates in AFNetworking, a library used by a large number of iOS and Mac OS X app developers to implement Web communications—including those over HTTPS (HTTP with SSL/TLS encryption).

The flaw allows attackers in a position to intercept HTTPS traffic between a vulnerable application and a Web service to decrypt it by presenting the application with a digital certificate for a different domain name. Such man-in-the-middle attacks can be launched over insecure wireless networks, by hacking into routers or through other methods.

To read this article in full or to leave a comment, please click here

Network World Security

Adobe gets second Flash zero-day patch ready 2 days early!

January 26, 2015/in Internet Security

Good news from Adobe about CVE-2015-0311, the unpatched zero-day in Flash. The patch is now ready via auto-update – 2 days early!
Naked Security – Sophos

Silk Road alternatives live on despite second FBI raid

November 7, 2014/in Computer Security

In a development that those involved in the project clearly should have seen coming, the FBI today shut down Silk Road 2.0, the revival of the deep web black market site that the FBI took down in September 2013, and arrested its suspected operator exactly one year after it went live.

Blake Benthall, a 26-year-old San Francisco programmer who claimed to work for SpaceX, was charged with conspiring to commit narcotics trafficking, which, the FBI reminds us in a press release, “carries a maximum sentence of life in prison and a mandatory minimum sentence of 10 years in prison,” among other charges.

To read this article in full or to leave a comment, please click here

Network World Colin Neagle

First Nadella: Women shouldn’t ask for raises. Second Nadella: Yes they should

October 12, 2014/in Internet Security

Bottom line: I can’t help but believe that what Microsoft CEO Satya Nadella first said about women asking for pay raises – that they shouldn’t do it – is what Nadella actually believes and that his attempts to take it back are simply damage control.

Granted, it’s impossible to know for sure what someone else actually believes, but the two viewpoints Nadella expressed mere hours apart yesterday would seem impossible to reconcile.

Appearing at the Grace Hopper Celebration of Women in Computing, Nadella was asked for his advice to women who are not comfortable asking for a raise.

To read this article in full or to leave a comment, please click here

Network World Paul McNamara

Tag Archive for: Second