Home Tags Trust

Tag: Trust

Russian-controlled telecom hijacks financial services’ Internet traffic

Visa, MasterCard, and Symantec among dozens affected by "suspicious" BGP mishap.

Peace in our time! Symantec says it can end Google cert...

It's basically a promise to do better and not mess things up Symantec is hoping to get its certificates back on Google's trust list.…

Symantec promises audit-fest to placate Google trust reduction plans

TLS certificate vendor says it will even audit its previous audits to prevent having Google reduce its trust on Symantec certificates.

Samsung Smart TV pwnable over Wi-Fi Direct, pentester says

Sammy says trust-known-MACs code is a feature not a bug A security researcher is complaining that Samsung isn't making a serious response to a vulnerability in its Smart TVs.…

Five years later, legal Megaupload data is still trapped on dead...

Man who asked to get back his sports videos never got a court hearing.

Google zero-trust security framework goes beyond passwords

With a sprawling workforce, a wide range of devices running on multiple platforms, and a growing reliance on cloud infrastructure and applications, the idea of the corporate network as the castle and security defenses as walls and moats protecting the perimeter doesn’t really work anymore. Which is why, over the past year, Google has been talking about BeyondCorp, the zero-trust perimeter-less security framework it uses to secure access for its 61,000 employees and their devices. The core premise of BeyondCorp is that traffic originating from within the enterprise’s network is not automatically more trustworthy than traffic that originated externally. Instead of traditional methods such as VPNs and login credentials to establish trust and verify identity, Google relies on a “tiered access” model, which looks at the user’s individual and group permissions, the user’s privileges as defined by the job role, and the state of the device being used to make the request.To read this article in full or to leave a comment, please click here

Google Won’t Trust Symantec and Neither Should You

As bad as this controversy is for Symantec, the real damage will befall the company and individual web sites deemed untrustworthy by a Chrome browser on the basis of a rejected Symantec certificate.

VU#921560: Microsoft OLE URL Moniker improperly handles remotely-linked HTA data

Microsoft OLE uses the URL Moniker to open application data based on the server-provided MIME type,which can allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system.

IDG Contributor Network: Can you trust Linux-based Tizen OS?

Yesterday I wrote a story about millions of Samsung IoT that are vulnerable to attacks due to zero-day security holes.
I have been extremely critical of IoT vendors ignoring the importance of updates and security, putting millions of users at risk.
In the case of Samsung, what bothered me the most was that these devices are running Tizen OS, a Linux-based open source operating system that’s hosted by the Linux Foundation.I reached out to the Linux Foundation to discuss the security of the project. Here is an edited version of my interview with Nicko van Someren, Chief Technology Officer, The Linux Foundation.To read this article in full or to leave a comment, please click here

Trust issues: Know the limits of SSL certificates

Certificate authorities (CAs) have given themselves a black eye lately, making it hard for users to trust them.

Google stopped trusting Symantec after discovering the CA had mis-issued thousands of certificates over several years, and researchers found that phishing sites were using PayPal-labeled certificates issued by Linux Foundation’s Let’s Encrypt CA.

Even with these missteps, the CAs play a critical role in establishing trust on the internet.To read this article in full or to leave a comment, please click here

Online Trust Alliance merges with Internet Society

Two become one Key internet standards-making body the Internet Society (ISOC) and security and privacy org the Online Trust Alliance (OTA) are merging.…

IDG Contributor Network: IoT is going to kill your smartphones

I don't remember when I last used my phone.Seriously. No, really, I am not a tech-denying hipster who brags about using command line for everything or who uses technologies that are deemed ancient even by the Amish community's standards.
I don't liv...