“TrueCrypt is not secure,” official SourceForge page abruptly warns

Wednesday, May 28th, 2014

One of the official webpages for the widely used TrueCrypt encryption program says that development has abruptly ended and warns users of the decade-old tool that it isn't safe to use. "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues," text in red at the top of ...

Unencrypted cookies make WordPress accounts vulnerable over open networks

Wednesday, May 28th, 2014

People accessing the Internet over open WiFi networks are now vulnerable to having their WordPress webpage hijacked even with two-step authentication enabled. This new vulnerability was found by Yan Zhu, a staff technologist with the Electronic Frontier Foundation. Zhu found that when accessing WordPress, the site sends a cookie in plain text ...

The Heartbleed Bug

Monday, April 7th, 2014

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging ...

WPA2 wireless security cracked

Friday, March 21st, 2014

There are various ways to protect a wireless network. Some are generally considered to be more secure than others. Some, such as WEP (Wired Equivalent Privacy), were broken several years ago and are not recommended as a way to keep intruders away from private networks. Now, a new study published ...

Major security flaw threatens Linux users

Wednesday, March 5th, 2014

A source code mistake in the GnuTLS library an open-source software building block used in a large number of different Linux distributions to handle secure Internet connections could prove a serious threat to the privacy of Linux users, as developers rush to patch the vulnerability. Nikos Mavrogiannopolous, the developer of GnuTLS, ...