Maritime lawyers assemble!

Maritime cyber insurance has been playing catch-up with maritime cyber security for a while now. It was all pretty good until the availability of cheap VSAT meant that ships became constantly connected. Vessels were mostly not connected at sea, other than Fleet Broadband connections, rarely used...

U.S. Charges Huawei with Stealing Trade Secrets from 6 Companies

The US Department of Justice DoJ and the Federal Bureau of Investigation FBI charged Huawei with racketeering and conspiring to steal trade secrets from six US firms, in a significant escalation of a lawsuit against the Chinese telecom giant that began last year. Accusing Huawei and its affiliate...

More on the Five Eyes Statement on Encryption and Backdoors

Earlier this month, I wrote about a statement by the Five Eyes countries about encryption and back doors. Short summary: they like them. One of the weird things about the statement is that it was clearly written from a law-enforcement perspective, though we normally think of the Five Eyes as a...

WhatsApp Adds End-to-End Encryption To One Billion Users

The world’s largest online communications company WhatsApp, with one billion users, announced Tuesday it added end-to-end encryption to its entire platform. The move is seen as a major win for security and privacy advocates. It also shifts the encryption spotlight away from Apple and its battle...

Podcast Discussing the Week's Security, Crypto News

Dennis Fisher and Mike Mimoso talk about the Logjam attack, the proposed Wassenaar export rules on exploits, and the letter to the president decrying crypto back doors. They do not talk about the Mad Men finale. Nor will they ever. Download: digitalunderground204.mp3 Music by Chris Gonsalves...

Phil Zimmermann: 'We Really, Really Don't Have the Keys'

SAN JUAN, Puerto Rico–Phil Zimmermann has seen more changes in the the threat landscape in his career than he may care to remember. The inventor of the PGP encryption software and one of the key movers in the crypto wars of the early 1990s, Zimmermann is back in the game now with a new mobile...

Hackers Exploiting Zero-Day in WordPress Themes

Hackers are actively exploiting a zero-day vulnerability that may be affecting millions of WordPress users. The bug was found in an image re-sizing utility that comes built-in to a number of commercial and free themes on the popular blogging platform. The vulnerability, discovered by Feedjit...

Report: Reused, Third Party Code Major Sources of Insecurity

A new report out from security testing firm Veracode suggests that reused and third party code is a big source of application insecurity. Application security is a sore spot for many organizations, as attackers shift the battlefield from operating system and network attacks to application specifi...

Security Best Practice: Familiarize Yourself with the General HTTP Worm Catcher

A worm is a self-replicating malware, which propagates by actively sending itself to new machines. There are worms that propagate by using security vulnerabilities in HTTP servers or clients. Some worms are able to open back doors, launch Trojans, stop security applications and destroy computer...