Kaminsky: We Need an NIH for Cybersecurity
LAS VEGAS–The security field needs an NIH-like organization for the deep study of defensive and offensive techniques and technology to help fix the systemic problems facing the industry, a prominent security researcher says. Dan Kaminsky, a longtime researcher, said the Internet is plagued by a number of serious issues right now, problems that threaten the […]
Google Patches Dozens of Critical Bugs in Android
Google has just released fixes for a pile of vulnerabilities in Android, including three dozen critical flaws in Qualcomm components that affect the operating system. The August patch release from Google is, like last month’s, split into two separate patch levels. The August 1 level contains a small subset of the fixes that are included […]
Dollar, Dollar Bills Y’all: Stealing Money From Venmo Users Over SMS
LAS VEGAS–Mobile payments services have become a popular choice for consumers, but security researchers have been finding plenty of vulnerabilities in them, and Venmo is the latest one to take a hit. A researcher was able to uncover a number of weaknesses in the Venmo mobile payment system recently, some of which enabled him to steal […]
Google Turns on Forced Secure Connections for Search
Google has made a major change in the security if its main search page, turning on a feature that forces encrypted connections between Google’s servers and visitors. The move ensures that users will only communicate with Google.com over an SSL connection, even if they initially sent the request over plaintext HTTP. The company on Friday […]
On the Wire Podcast: Black Hat Preview
The Black Hat conference has become an overwhelming mass of talks, press conferences, and more talks. In this episode of the podcast, Dennis Fisher calls up Mike Mimoso of Threatpost to go over the talks they’re interested in seeing, the Apple iOS 10 security session, and how the conference has evolved over the years.