• Yahoo leaks private key, allows anyone to build Yahoo-signed Chrome extensions

  By Lucian Constantin | 24 May, 2012 16:41

  Yahoo was forced to release a new version of its Axis extension for Google Chrome after the original one contained a private key that allowed anyone to digitally sign extensions in Yahoo's name.

• Microsoft opens New York research lab, hires mainly Yahoo researchers

  By John Ribeiro | 03 May, 2012 17:03

  Microsoft is opening Thursday a research lab in New York city that aims to benefit from interaction with the academic and tech communities in the metropolitan area, as well as attract new talent to Microsoft, the company said.

• Most of the Internet's top 200,000 HTTPS websites are insecure, Trustworthy Internet Movement says

  By Lucian Constantin | 27 April, 2012 02:51

  Ninety percent of the Internet's top 200,000 HTTPS-enabled websites are vulnerable to known types of SSL (Secure Sockets Layer) attack, according to a report released Thursday by the Trustworthy Internet Movement (TIM), a nonprofit organization dedicated to solving Internet security, privacy and reliability problems.

• Russian-speaking cybercriminals earned $4.5 billion in 2011, researchers estimate

  By Loek Essers | 24 April, 2012 14:07

  Russian-speaking hackers earned an estimated US$4.5 billion globally using various online criminal tactics and are thus responsible for 36 percent of the estimated total of $12.5 billion earned globally by cybercriminals in 2011, Russian security analyst firm Group-IB said in a report published on Tuesday.

• Vodafone protects smartphone communications with 'Secure SIM'

  By Mikael Ricknäs | 06 March, 2012 04:15

  Vodafone has developed a new SIM card that can be used on smartphones to provide secure access to data networks and tap-proof telephone calls as well as email and text message encryption, the operator said on Monday at the Cebit trade show.

• Open source FreeOTFE encrypts disks handily

  By Ian Harac | 09 March, 2011 06:09

  FreeOTFE may sound like a political bumper sticker, but it stands for "Free On The Fly Encryption." The "Free" part is self-explanatory; "On The Fly Encryption" refers to the encrypting/decrypting of data as it is written to or read from your hard disk.

• Firesheep, Blacksheep, and protecting your Wi-Fi data

  By Tony Bradley | 11 November, 2010 07:42

  Despite the convenience, free public Wi-Fi networks like those found in hotels, Starbucks, and McDonald's are also a serious risk when it comes to your data and personal information.

• Guide: How to be ready for Big Data

  By Thor Olavsrud | 21 March, 2012 01:30

  Big Data is all the rage these days, and more than a few organizations are at least wondering what sort of business intelligence they could derive from all the information at their disposal.

• How DRM could ensure cloud security

  By Keir Thomas | 04 February, 2011 05:53

  Yet another survey is indicating that security is a big issue for those intending to take up cloud computing.

• 5 open source security projects to watch

  By Rodney Gedda | 20 January, 2011 11:23

  Data security is always top of mind for CIOs and CSOs, and there is no shortage of challenges when it comes to picking the right tool for the job. With network and software vulnerabilities growing at a perpetual rate, good security software can help defend against many of the large-scale threats that occur locally and from all over the Internet. In this edition of 5 open source things to watch, we take a look at security products that will guard against threats without robbing your kitty.

• Secure USB Drives Not So Secure

  By Joan Goodchild | 07 January, 2010 06:16

  Several hardware-encrypted USB memory sticks are now part of a worldwide recall and require security updates because they contain a flaw which could allow hackers to easily gain access to the sensitive information contained on the device.

Whitepapers about encryption

• 

  Securing Vital Infrastructure

  A unified approach to information security can help modern vital infrastructure providers deal with evolving IT threats without compromising on communications or the demands of an increasingly mobile workforce. Flexible policies, combined with quality inbound threat detection, deep content inspection and encryption capabilities can help organisations to mitigate the risks – not just from outside the organisation, but also within it. Read this whitepaper.

• 

  Take the Guesswork Out of Online Security. VeriSign Guide: Move Beyond Traditional SSL to Establish Trust