Latest news

Google Comes Down on Ad Fraud
Privacy

Google Comes Down on Ad Fraud

There are a lot of terrible, terrible things on the Internet and much of that garbage is related to or contained in ads. Malware, phishing links, scams, and other forms of badness all have strong connections to the online ad world, and new data from Google shows just how tight those […]

On the Wire Podcast: Steven Murdoch
Authentication, Podcast, Privacy

On the Wire Podcast: Steven Murdoch

Steven Murdoch is a researcher at University College London and this week published a detailed technical analysis of the MIKEY-SAKKE protocol that is implemented in the U.K.’s Secure Chorus standard for voice encryption. Secure Chorus is set up for key escrow by design, a fact that Murdoch explains in his […]

UK Government Voice Encryption Standard Built for Key Escrow, Surveillance
Authentication, Device Security, Privacy

UK Government Voice Encryption Standard Built for Key Escrow, Surveillance

The U.K. government’s standard for encrypted voice communications, which already is in use in intelligence and other sectors and could be mandated for use in critical infrastructure applications, is set up to enable easy key escrow, according to new research. The standard is known as Secure Chorus, which implements an encryption protocol […]

Serious Yahoo Mail XSS Bug Fixed
Authentication, Identity

Serious Yahoo Mail XSS Bug Fixed

Yahoo has fixed a serious cross-site scripting vulnerability in its webmail product that could’ve allowed an attacker to take over a victim’s email account with one malicious email. The bug is a specific kind of cross-site scripting vulnerability known as stored XSS. In order to trigger it, an attacker would […]

On the Wire Podcast: Mike Hanley
Authentication, Podcast

On the Wire Podcast: Mike Hanley

Mike Hanley is the program manager for research and development in Duo Security‘s Labs division, and is a former senior member of the technical staff at the CERT/CC at Carnegie Mellon University. In today’s podcast, Dennis Fisher talks to Mike about the ways in which two-factor authentication is deployed right now, […]