The Defense Advanced Research Projects Agency (DARPA) is looking for new program analysis techniques and tools to enable analysts to identify vulnerabilities in algorithms implemented in software used by the US government, military, and economic entities.
Security flaws, breaches of privacy and additional vulnerabilities in chat, dating and other social media apps used by nearly one billion subscribers will be revealed by the University of New Haven's Cyber Forensics Research and Education Group (UNHcFREG).
To hear the FBI tell it, tracking down the secret server behind the billion-dollar drug market known as the Silk Road was as easy as knocking on a door. But the technical side of the security community, who have long tracked the dark web’s experiments in evading law enforcement, don’t buy that simple story.
As the trial of alleged Silk Road drug market creator Ross Ulbricht approaches, the defense has highlighted the mystery of how law enforcement first located the main Silk Road server in an Icelandic data center, despite the computer being hidden by the formidable anonymity software Tor. Was the FBI tipped off to the server’s location by the NSA, who used a secret and possibly illegal Tor-cracking technique?
When one Atlanta, Georgia-based Internet provider was served a top-secret data request, there wasn't a federal agent in sight. Why? Because the order was served on a so-called "trusted third-party," which handles the request, served fresh from the secretive Washington D.C.-based Foreign Intelligence Surveillance (FISA) Court.
The six-year old Conficker worm is still a major presence in the threat landscape, accounting for 38 percent of all detections in the first half of 2014, according to security vendor F-Secure’s latest Threat Report.
In late May, an international law enforcement effort disrupted the Gameover Zeus (GoZ) botnet, a network of compromised computers used for banking fraud. The crackdown effectively eliminated the threat from Cryptolocker. Yet, ransomware is not dead, two recent analyses have found.
The Chinese authorities have launched a man-in-the-middle attack campaign against users of the country’s research and education network CERNET who try to search via Google, in a bid to monitor and censor the HTTPS site.
Home Depot has not yet confirmed that a slew of fraudulent transactions came from a breach of its systems, yet an increasing body of evidence is mounting that points to a massive compromise linked to the home-supply retail chain.
Around 350 Android apps that can be downloaded from Google play and Amazon stores fail to properly validate SSL certificates for HTTPS connections, and thus open users to Man-in-the-Middle attacks if they use them on insecure and open networks, a researcher has warned.
Home improvement retailer Home Depot Inc has been in contact with the U.S. Secret Service about an alleged major breach of customer and credit card data that came to light this week, a law enforcement source has told Reuters.
The underground market for cybercrime products and services in China is booming, with both the number of participants and IM messages sent between those participants doubling last year, according to new research from Trend Micro.
A "safe harbor" clause in the 1998 law called the Digital Millennium Copyright Act absolves websites of any legal liability for virtually all content posted on their services. The law, known as the DMCA, requires websites and other Internet service providers to remove a piece of content believed to be infringing on a copyright after being notified of a violation by the copyright owner.
Apple has blamed a "very targeted attack" for the suspected breach of numerous celebrities' iCloud accounts, which resulted in nude photographs and videos being leaked to the 4chan image board. But some security experts have taken issue with Apple's explanation for the attacks. And they contend the company's iCloud service remains vulnerable to similar exploits.
Device and data security will assume critical significance for companies adopting a bring you own device (BYOD) policy, especially with nearly 50 percent of companies having reported lost mobile handsets in the last year. According to IT services specialist ITC Infotech, lack of a stringent BYOD policy can lead to the risk of a major security breach.