Blog keyword search

We shouldn't forget those most vulnerable in our digital world

Virus Bulletin Editor Martijn Grooten calls for the security community not to forget those most vulnerable in the digital world, including political activists living under oppressive regimes, and victims of abuse.
The new UK government has passed a far-reaching surveillance law. The new US government has stripped privacy rights from non-citizens. Surely, those who have warned about the… https://www.virusbulletin.com/blog/2017/02/we-shouldnt-forget-those-most-vulnerable-our-digital-world/

NSA, GCHQ found to target anti-virus products

Agencies looked for vulnerabilities to exploit and for submitted malware samples.
Agencies looked for vulnerabilities to exploit and for submitted malware samples. New documents from NSA whistle-blower Edward Snowden have revealed the agency and its British… https://www.virusbulletin.com/blog/2015/06/nsa-gchq-found-target-anti-virus-products/

Weak keys and prime reuse make Diffie-Hellman implementations vulnerable

'Logjam' attack possibly used by the NSA to decrypt VPN traffic.
'Logjam' attack possibly used by the NSA to decrypt VPN traffic. A group of researchers have discovered a number of vulnerabilities in the way the Diffie-Hellman key exchange… https://www.virusbulletin.com/blog/2015/05/weak-keys-and-prime-reuse-make-diffie-hellman-implementations-vulnerable/

Windows Error Reporting used to discover new attacks

No excuse for sending error reports in cleartext.
No excuse for sending error reports in cleartext. All happy programs are the same. But each unhappy program crashes in its own way. In a report published yesterday, security firm… https://www.virusbulletin.com/blog/2014/02/windows-error-reporting-used-discover-new-attacks/

Backdoored standards show we desperately need more cryptographers

Too few currently possess the skills to verify standards.
Too few currently possess the skills to verify standards. Recent revelations of the NSA's crypto-breaking capabilities have led to calls for better cryptography. But we need more… https://www.virusbulletin.com/blog/2013/09/backdoored-standards-show-we-desperately-need-more-cryptographers/

There is no 'I know what I am doing' trump card in security

NSA activities could make millions avoid US-based services.
NSA activities could make millions avoid US-based services. We have all been there. To continue the product you're working on, you need to get some extra permission: a port needs… https://www.virusbulletin.com/blog/2013/08/there-no-i-know-what-i-am-doing-trump-card-security/