LinkedIn's domain name was temporarily redirected to a third-party server Thursday, which resulted in a service outage and potentially put user accounts at risk of compromise. Uptime monitoring service Pingdom recorded that LinkedIn was ...
Until late January, Apple's App Store servers did not encrypt all communications with iOS clients, which exposed users to several potential attacks, according to a Google security researcher. "The Apple App Store and associated ...
Tags: iOS App Store, iOS clients, Apple
One week after launching a security bug bounty program, the new file-storage and sharing service Mega claims to have fixed seven vulnerabilities, none of which met its highest severity classification. Since Mega was launched three weeks ...
Tags: Mega, security bug, file-storage, file-sharing
Digital rights and privacy advocates have welcomed Yahoo's decision to provide its users with an option to enable HTTPS (HTTP Secure) for their entire webmail sessions. "We're really happy that Yahoo! is starting 2013 right by letting ...
Tags: Yahoo, HTTP Secure, webmail session, digital rights
They say no one can hear you scream in space, but if you so much as whisper on the Web, you can be tracked by a dozen different organizations and recorded for posterity. Simply visiting a website can allow its operators to figure out your ...
Tags: device information, advertising cookies, web
Cloud-based security services provider Zscaler has released an implementation for Internet Explorer of the HTTPS Everywhere browser security extension. HTTPS Everywhere forces the browser to always connect over HTTPS(HTTP Secure)to ...
Tags: cloud-based security services, Zscaler, HTTPS Everywhere
The 'CRIME' attack announced last week exploits the data compression scheme used by the TLS (Transport Layer Security) and SPDY protocols to decrypt user authentication cookies from HTTPS (HTTP Secure) traffic, one of the attack's creators ...
Tags: CRIME attack, data compression scheme, TLS, SPDY protocols, HTTPS