261 Posts

Larry Loeb

Principal, PBC Enterprises

Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek. He wrote for IBM's DeveloperWorks site for seven years and has written a book on the Secure Electronic Transaction Internet protocol. His latest book has the commercially obligatory title of Hack Proofing XML. He's been online since uucp "bang" addressing (where the world existed relative to !decvax), serving as editor of the Macintosh Exchange on BIX and the VARBusiness Exchange.

Written By Larry Loeb

OpenSSL Can Be DROWNed by New Vulnerability

OpenSSL is vulnerable to DROWN, an attack based on support for the obsolete SSLv2 protocol, which leaves OpenSSL programs at risk.

About OAuth Use for API Authorization

OAuth is an authorization and authentication protocol using APIs to enable a third-party website or application to access a user's data.

FighterPOS Malware Gets a Worm Variant

A security firm recently flagged new versions of the malware FighterPOS, including a worm variant, that may affect U.S. point-of-sale (POS) networks.

Drupal 6 Hits the End-of-Life Milestone

Drupal 6 hit its end-of-life mark, meaning the service is now unsupported. Users may be vulnerable to exploits by cybercriminals.

Mandatory Windows 10 Update Reverts to Default Settings, Causing User Frustration

Windows 10 forces an upgrade that destroys default settings on many files without allowing them to be reset, causing major security issues for users.

Researchers Find VoIP Phones Vulnerable to Simple Cyberattacks

Security researchers recently discovered a possible vulnerability in voice-over-IP (VoIP) phones that could put users at risk.

Mitigating the Buffer Overflow Flaw in Glibc

The GNU C Library (glibc) is vulnerable to a stack-based buffer overflow issue. Learn more about the problem and how to avoid, patch and mitigate it.

Lockdroid Ransomware Fails Thanks to Google’s Verify Apps

At a recent security conference, Google claimed its Verify Apps feature prevented Android users from becoming infected with the Lockdroid ransomware.

Cybercrime Doesn’t Pay as Much as Previously Thought, Report Shows

A new report from the Ponemon Institute and Palo Alto Networks found that cybercrime isn't as lucrative as it was assumed to be.

Google Announces Plan to Flag Unsecured Emails

Google's Gmail now alerts users when they receive unsecured, unencrypted and unauthenticated emails in an attempt to increase security awareness.