All Windows operating systems are at risk from the SSL/TLS vulnerability known as Freak, Microsoft warns. The company has outlined temporary workarounds - except for Windows Server 2003. Experts say no in-the-wild attacks have yet been seen.
Many Apple and Android devices are vulnerable to a TLS/SSL "Freak" flaw, which could be exploited to subvert secure Web connections. The flaw is a legacy of U.S. government export restrictions on strong crypto.
Despite commitments by leading payment card brands to enhance security, some critics say the White House cybersecurity summit produced no specifics for how the public and private sectors will curb cyber-fraud.
It's barely a drop in the bucket, but President Obama is earmarking $7 million of his nearly $4 trillion federal budget to help NIST provide stronger cryptographic solutions and privacy-enhancing tools.
Chinese authorities reportedly want foreign software and hardware vendors that sell to its banking sector to share source code and encryption keys. Western technology firms have reacted with alarm.
Data breaches are inevitable, hence it's up to executives to ensure their enterprise is secured, without trying to encrypt everything, warns Prakash Panjwani, president and chief executive officer of SafeNet.
The Federal Reserve on Jan. 26 revealed its roadmap for an overhaul of the U.S. payments system, which includes plans for faster settlement and a focus on improving payments security to reduce fraud.
Nearly a year after issuing a first draft, NIST has released a substantially revised proposal for changing the way it develops cryptographic standards. The effort was launched after the NSA was accused of tampering with a NIST cryptographic algorithm.
President Obama says he sees the need for law enforcement to gain access to terrorists' encrypted data, but stops short of calling for a law to require manufacturers to provide a so-called "backdoor" to break encryption on mobile devices.
Following the Paris terror attacks, the French government plans to strengthen its surveillance laws, while the British prime minister has promised to allow intelligence agencies to penetrate any encrypted communications.
Richard Spurr has been CEO of security vendor ZixCorp for more than 10 years. How has his approach to e-mail security evolved, and how does he see evolving threats and the marketplace changing in the year ahead?
Security experts are sounding warnings that a flaw known as POODLE, revealed Oct. 14, can now be used to decrypt some Internet communications secured using TLS. Vendors have begun describing workarounds and issuing patches.
Ten months after NIST issued a draft report proposing changes on how it develops cryptographic standards, following reports that the NSA tampered with a NIST cryptographic algorithm, the institute has yet to finalize that guidance.
Retailers say tokenization and encryption are critical to ensuring payment card data security. Aite's Natalie Reinelt describes how merchants will use layers of security to protect data at the point of capture.
Microsoft has issued an emergency fix for a vulnerability in Windows Kerberos that is being exploited via in-the-wild attacks. Attackers can leverage the flaw to gain all-access rights to anything inside an Active Directory Domain, experts warn.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.