January, 2015

19.5% of HTTPS sites trigger browser warning as they use SHA-1 signed certificates

Elie

19.5% of HTTPS-enabled sites in Alexa's Top 1 Million trigger or will soon trigger a Chrome security warning because they are using the now deprecated SHA-1 signature algorithm to sign their HTTPS certificate. Soon those sites will be flagged by all major browsers as insecure.

Linux Ghost Vulnerability: A GHOST in the….Linux….Wires

NopSec

Our partner Qualys discovered a new vulnerability nicknamed “GHOST” (called as such because it can be triggered by the GetHOST functions) and worked with most of the Linux operating system distributions to patch it as of January 27th, 2015. The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials.

Freedom of Expression and Privacy in Labour Disputes: Amendments to Alberta’s Personal Information Protection Act in Force

Privacy and Cybersecurity Law

Alberta’s Personal Information Protection Act (PIPA) entered 2015 with a (slightly) new look. Amendments set out in Bill 3, the […].

Minding the Data Protection for Individuals

Spinone

Since we live in a digital world, we are so familiar with all privacy laws and their boundaries. The news is full of cautions not to be hacked, not to use easy passwords, and so on. Definitely, security is the top priority for brand companies to defend their critical data and reputation. Yet, we are more curious about whether it’s important at all for individual users to care about hackers, or any other way of losing their data.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Canadian Privacy Compliance: Time for your Online Checkup

Privacy and Cybersecurity Law

In a previous post on online behavioural advertising (OBA), we wrote about the Office of the Privacy Commissioner’s “call to action” to stakeholders in […].

Detecting the GHOST glibc Vulnerability with Unified VRM

NopSec

In the previous blog post here, we described the GHOST Linux glibc vulnerability in detail and its repercussions to the affected systems in terms of risk. NopSec Unified VRM helps identify the Linux GHOST glibc vulnerabilities in various flavors of Linux, performing authenticated scans. Furthermore, Linux authenticated scans can be performed using SSH through username / password and certificate as well.

Customer Experience Case Study for Vulnerability Management

NopSec

If you haven’t read the book or watched the movie Fight Club, you may not understand this reference. “1st RULE: You do not talk about FIGHT CLUB.” One of the interesting things about working in the IT security business is that customers are very secretive about projects and generally are reluctant to publicly acknowledge any work. At NopSec we certainly can understand the need for discretion.