Virus Bulletin Editor Martijn Grooten calls for the security community not to forget those most vulnerable in the digital world, including political activists living under oppressive regimes, and victims of abuse.
The new UK government has passed a far-reaching surveillance law. The new US government has stripped privacy rights from non-citizens. Surely, those who have warned about the… https://www.virusbulletin.com/blog/2017/02/we-shouldnt-forget-those-most-vulnerable-our-digital-world/
Agencies looked for vulnerabilities to exploit and for submitted malware samples.
Agencies looked for vulnerabilities to exploit and for submitted malware samples. New documents from NSA whistle-blower Edward Snowden have revealed the agency and its British… https://www.virusbulletin.com/blog/2015/06/nsa-gchq-found-target-anti-virus-products/
'Logjam' attack possibly used by the NSA to decrypt VPN traffic.
'Logjam' attack possibly used by the NSA to decrypt VPN traffic. A group of researchers have discovered a number of vulnerabilities in the way the Diffie-Hellman key exchange… https://www.virusbulletin.com/blog/2015/05/weak-keys-and-prime-reuse-make-diffie-hellman-implementations-vulnerable/
No excuse for sending error reports in cleartext.
No excuse for sending error reports in cleartext. All happy programs are the same. But each unhappy program crashes in its own way. In a report published yesterday, security firm… https://www.virusbulletin.com/blog/2014/02/windows-error-reporting-used-discover-new-attacks/
Too few currently possess the skills to verify standards.
Too few currently possess the skills to verify standards. Recent revelations of the NSA's crypto-breaking capabilities have led to calls for better cryptography. But we need more… https://www.virusbulletin.com/blog/2013/09/backdoored-standards-show-we-desperately-need-more-cryptographers/
NSA activities could make millions avoid US-based services.
NSA activities could make millions avoid US-based services. We have all been there. To continue the product you're working on, you need to get some extra permission: a port needs… https://www.virusbulletin.com/blog/2013/08/there-no-i-know-what-i-am-doing-trump-card-security/