Researchers claim that unusual BGP routing changes are actually man-in-the-middle surveillance.
Tag Archives: man in the middle
Authentication is all around us! 60 Sec Security [VIDEO]
Here’s our latest “60 Second Security” video – catch the week’s security news in just 1 minute.
SSCC 202 – They hacked the US Army? Are you SURE? [PODCAST]
Join Sophos security experts Chester Wisniewski and Paul Ducklin for this week’s security podcast. Apple, Microsoft, patching, hacking the army (sort of), and 49 arrests in a Europol action against bank fraudsters!
Anatomy of a LOGJAM – another TLS vulnerability, and what to do about it
We’ve had BEAST, Lucky Thirteen, BREACH, BEAST, POODLE, Heartbleed and FREAK…now, it’s LOGJAM. Paul Ducklin explains, and tells you what you can do about it.
TLS certificate blunder revisited – whither China Internet Network Information Center?
Just under three weeks ago, we wrote about a TLS certificate blunder by a Root Certificate Authority called CNNIC. We thought we’d revisit that story today to see how the Big Four browser makers responded to the lapse…
Serious Security: China Internet Network Information Center in TLS certificate blunder
TLS certificates are very important. In fact, you could say they are the cornerstone of online security, especially for e-commerce. So we thought we’d use a story about a recent certificate security blunder to remind you why…
SSCC 187 – The cryptography edition [PODCAST]
Sophos expert John Shier sits in for regular presenter Chester Wisniewski in this episode. John and Paul Ducklin dissect the latest security issues, which were dominated this week by some thorny matters of cryptography.
What’s SUPER and helps you to PHISH, sorry, FISH? 60 Sec Security [VIDEO]
Here’s our weekly news roundup – from Superfish to Super Spectacles. It’s amusing, informative, and only takes a minute – enjoy!
SSCC 177 – Will Sony’s breach be the never ending story? [PODCAST]
Here’s the latest episode of our regular security podcast. Enjoy!
Coinbase wallet app in SSL/TLS SNAFU, joins the insecure mobile banking club
The popular Bitcoin wallet Coinbase has a crucial security flaw in its Android apps which could allow an attacker to steal authentication codes and access users’ accounts, according to a security researcher. Coinbase is far from alone in leaving its wallet app users vulnerable, so what should you do to stay safe when using mobile banking apps?