Category: DEVSEC

Inside GCHQ’s Proposed Backdoor Into End-to-End Encryption

The Open Technology Institute (OTI) has responded to GCHQ/NCSC’s article on ‘Principles for a More Informed Exceptional Access Debate’ with an ‘Open Letter to GCHQ on the Threats Posed by the Ghost Proposal’. read more http://feedproxy.google.com/~r/Securityweek/~3/8V2hZod81iQ/inside-gchqs-proposed-backdoor-end-end-encryption

Hidden Helpers: Security-Focused HTTP Headers

This blog includes real-world scenarios in which attackers can manipulate unsecured HTTP headers and how to prevent your organization from falling victim. https://blog.rapid7.com/2019/05/30/hidden-helpers-security-focused-http-headers/