Users of secure messaging apps such as Pidgin, Adium and others built upon libotr, the Off-the-Record protocol, are being urged to update immediately to current versions after the discovery of a critical flaw that can be used in targeted attacks to expose encrypted communication. The OTR development team yesterday pushed out libotr 4.1.1 which patches...

Florida-based cancer treatment center 21st Century Oncology Holdings is warning 2.2 million patients that health data and Social Security numbers were stolen from its computer network. The breach, which was revealed on March 4, occurred last November and included the theft of patient names, Social Security numbers, physicians’ names, diagnoses and treatment information, and insurance information....

Amazon reversed course on its unpopular decision to remove encryption from its Fire OS 5 tablets. Over the weekend, Amazon said, customers’ device-level encryption support will return this spring. The move comes after Amazon customers and privacy activists expressed outrage over the company’s choice to remove encryption from its popular consumer line of Fire tablets running...

Apple’s head of software engineering told law enforcement and the government via a Washington Post op-ed on Sunday that a precedent-setting backdoor into the iPhone threatens to turn back the clock on mobile security to less safe times. The column, written by Craig Federighi and posted last night, argues that the removal of security features...

Amazon’s decision to remove encryption from its tablets running the latest Fire OS 5 release of its software has many privacy-minded tablet owners are crying foul. They are blasting Amazon for making their tablets less secure and no longer safe to store personal data from email credentials, credit card numbers and sensitive business information. “Amazon...

SAN FRANCISCO—A laundry list of past and present iPhone experts and cryptography experts today filed an amicus brief asking the courts to vacate their order mandating Apple assist the FBI in unlocking a phone belonging to San Bernardino shooter Syed Farook. Filed by Jennifer Granick and Riana Pfefferkorn of the Stanford Law School Center for...

Calls for encryption backdoors that date back to the 1990s are coming back to haunt the industry 20 years later with DROWN, security experts say. The flaw that researchers found with DROWN center around the fact that during the so called Crypto Wars of the 1990s President Bill Clinton’s administration insisted that US government have...

SAN FRANCISCO—One would think that six of the smartest security people on the planet could come to some sort of collective conclusion on the FBI-Apple debate. But that wasn’t the case today during the annual Cryptographers’ Panel at RSA Conference. The debate over whether Apple should assist the FBI in unlocking an accused terrorist’s iPhone...

Researchers revealed a massive transport layer security (TLS) vulnerability today that leaves millions of Internet users vulnerable to an attack that could expose passwords, credit card numbers and financial data. OpenSSL and others are urging companies to patch their web servers or risk exposure to the so-called DROWN attack that can decrypt Internet traffic and leave...

Mike Mimoso and Chris Brook discuss the news of the week including the ongoing FBiOS battle, a judge’s confirmation that the DoD funded research to uncloak Tor users, and news surrounding Operation Blockbuster. They also preview next week’s RSA Conference in San Francisco, Calif. Download: http://traffic.libsyn.com/digitalunderground/Threatpost_News_Wrap_February_26_2016.mp3 Music by Chris Gonsalves