Opinion: As 2014 comes to a close, bugs are increasingly disclosed with catchy names and logos. Heartbleed's branding changed the way we talk about security, but is making a bug 'cool' frivolous or essential?
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of security. He is the author of three books and thousands of published articles and many more unpublished, private reports. Larry has been Technical Director at several test laboratories where he both directed and ran product testing, with a special interest in test automation. Larry began his career as a Software Engineer at the now-defunct Desktop Software Corporation in Princeton, NJ, on the team that wrote the NPL 4GL query language. He also worked on corporate IT and software development at Chase Econometrics. Larry is a graduate of the University of Pennsylvania with a degree in Public Policy.
Ms. Violet Blue (tinynibbles.com, @violetblue) is a freelance investigative reporter on hacking and cybercrime at Zero Day/ZDNet, CNET and CBS News, as well as a noted sex columnist. She has made regular appearances on CNN and The Oprah Winfrey Show and is regularly interviewed, quoted, and featured in a variety of publications that includes ABC News and the Wall Street Journal. She has authored and edited award-winning, best selling books in eight translations and has been a sex columnist for the San Francisco Chronicle. She has given keynote talks at such conferences as ETech, LeWeb, and the Forbes Brand Leadership Conference, and has given two Tech Talks at Google. In 2010, the London Times named Blue one of “40 bloggers who really count.” Ms. Blue is the author of The Smart Girl's Guide to Privacy. Violet Blue bio courtesy of TTI Vanguard.
Two governments working together are said to have developed the state-sponsored malware that attacked the European Union. Guess what? One of the makers was an EU country.
Symantec wasn't the only company following Regin. Kaspersky and F-Secure have something to say about who was hit. Regin also spies on GSM cellular networks.
With version 5.0, Android makes the work of enterprise admins much easier. Security is stronger and more standardized. Android fragmentation is crumbling.
Symantec researchers are impressed by Regin, which has been conducting high-level surveillance campaigns worldwide since 2008. Is it state-sponsored?
A collection of notable security news items for the week ending November 21, 2014. Covers enterprise, controversies, reports and more.
What scams and schemes do you need to watch out for during the holiday season?
The Masque bug that affects iOS apps has the potential to steal data from legitimate sources, due to a lack of encryption in apps across the board.
Because the last thing you want is a potentially hostile country controlling the light switches in America from half the world away.
The new free certificate authority is a great idea, as far as it goes. Should Symantec and the other big CAs be worried? Probably not.
According to Verisign, DDoS attacks going beyond 10Gbps continue to rise, causing a headache for the enterprise.
The human rights group says the new anti-surveillance tool is a 'strike back' against governments that have overextended their reach.
The Windows KDC didn't properly validate parts of Kerberos tickets. It may be possible for admins to detect if they have been exploited.
The latest stable version of Chrome removes the source of the POODLE bug and SSLv3 support will be out altogether over time. The Canary version disparages implementations not up to standards.
The top security threats of 2014 include equal parts old mistakes, new adversaries, innocent human nature and the evils that people do.