Certificate Interruptus: Survey Finds Heartbleed Fixes Incomplete At Most Firms

In-brief: Three quarters of Global 2000 organizations have yet to fully remediate the Heartbleed vulnerability one year after it was discovered, according to a study by the firm Venafi.

Snowden Borrowed from APT Playbook In NSA Hack

We know for sure that Edward Snowden made short work of the protections that the National Security Agency used to segregate classified data. Snowden’s revelations about government spying on foreign governments, domestic and foreign firms and…well…just about everyone else first appeared in print in May. Since that time, a looming question is “how?” In other words: how did a single contractor gain access to such a massive trove of classified intelligence while working for the most security conscious organization in the world?   While the exact methods used by Snowden are still not known, there are many theories. Now the security firm Venafi thinks that it has an answer, and is challenging the NSA to prove it wrong. In a blog post on Wednesday, the company laid much of the blame on poor management of digital certificates and user credentials, which allowed Snowden to move laterally within the NSA’s classified […]