The Heartbleed bug works, and could be a scapegoat for older breaches

Researchers proved the Heartbleed bug was real in a challenge issued by CloudFlare to prove private keys can be stolen, right around the time companies are claiming they were breached because of the critical flaw.

Researchers find Android security issue in app permissions protocol

The permissions issue could allow a malicious app to alter legitimate home screen icons.

Heartbleed bug not leveraged for surveillance, NSA says

After a Bloomberg article reported that unnamed sources indicated that the NSA knew of the major flaw and utilized it for surveillance purposes, the agency denied the claims.

Focus: Government

Product Reviews

BlackStratus LOG Storm v4.3.0.86

LOG Storm from BlackStratus combines log management and correlation systems with real-time monitoring and an integrated incident response system all on one easy-to-deploy and use appliance.

EiQ Networks SecureVue v3.6.6

SecureVue from EiQ Networks provides log gathering, correlation and analysis services for numerous operating systems, network and security devices, combining these services into a solid SIEM platform that offers vulnerability and compliance monitoring, incident management and configuration auditing in one easy-to-use package.

Data Breach Blog


It's not the breach that kills you, it's the cover-up

It's how you handle yourself during and after a breach that will determine just how detrimental the breach actually is for your organization.

Building security around Bitcoin

Similar to building a multi-layer security strategy for a business, before deciding what security controls should be implemented to protect Bitcoin transactions, we first need to identify the targets.


Bloomberg reported on Friday that the National Security Agency (NSA) was aware of the SSL/TLS encryption-breaking Heartbleed bug for at least two years before the now infamous flaw caught the attention of the world earlier this week. Shortly after, on its public affairs Twitter account, the NSA said it was not aware of the vulnerability until it was made public.

Outside Lens

On-the-go content

SC Magazine app

Download the SC Magazine app for iOS and Android!

The latest IT security news, analysis and features on your mobile or tablet

Click here to download »

Sign up to our newsletters