The Mozilla Foundation is testing a new mechanism for securing domain name server traffic that uses the encrypted HTTPS channel. It is an attempt to speed up the internet, reduce the threat of man-in-the-middle attacks and keep prying eyes from monitoring what users do online. Starting in the next several […]
Cybersecurity
IETF Approves TLS 1.3 as Internet Standard
IETF Approves TLS 1.3 as Internet Standard The Internet Engineering Task Force (IETF) —the organization that approves proposed Internet standards and protocols— has formally approved TLS 1.3 as the next major version of the Transport Layer Security (TLS) protocol. The decision comes after four years of discussions and 28 protocol drafts, with […]
Google Deploys New Anti-Phishing & Malware Detection Features for G Suite Users
Google rolled out today new security features for G Suite, its collection of enterprise, cloud computing, productivity, and collaboration tools. While several of the G Suite services received improvements, the most interesting additions have been made to Gmail for Business, the Google service that allows companies to use Gmail as their […]
Mozilla Is Testing « DNS over HTTPS » Support in Firefox
Mozilla Foundation engineers announced plans over the weekend to test the « DNS over HTTPS » (DoH) fledgling security standard in Firefox Nightly distributions. The feature will be tested as a Firefox shield study —a browser mechanism that allows engineers to roll out and roll back experimental features at a moment’s notice. […]
Never Mind Malware – Social Engineering Will Be Your Biggest Threat This Year
As we enter a new year, IT security teams and cyber-criminals are both already searching for the development that will tip the scales in the on-going cyber arms race. A common assumption is that a new malware strain or vulnerability will be the defining factor of 2018, similar to the […]
5 Things You Need to Know About Botnets
There’s a common denominator between the surges of phishing email that continue to plague consumers, businesses and government agencies around the globe and the social media-fueled propaganda campaigns Russia has leveraged to undermine democratic elections in Europe and the United States. Neither would be doable without botnets as they exist today. For most people, the power and […]
Microsoft Releases KB4090913 Update to Fix Critical USB Driver Issue
Microsoft released yesterday a Windows update to fix driver issues with USB devices introduced in the February 2018 Patch Tuesday security updates. More precisely, Microsoft has released KB4090913 to address bugs introduced by KB4074588. The update is for Windows 10 Fall Creators Update users only —Windows 10 version 1709. The update is available […]
The Drupal development team addressed many vulnerabilities in both Drupal 8 and 7, including some flaws rated as “critical”.
Drupal maintainers have fixed many vulnerabilities in Drupal 7 and 8, including some flaws rated as “critical.” One of the critical security vulnerabilities is related to partial cross-site scripting (XSS) prevention mechanisms that was addressed with Drupal 8.4.5 and 7.57 versions. The popular CMS uses a JavaScript function that doesn’t completely sanitize the […]
Here We Go Again: Intel Releases Updated Spectre Patches
Here We Go Again: Intel Releases Updated Spectre Patches In a press release published on Tuesday, Intel announced it resumed the deployment of CPU microcode firmware updates. These updates are meant to mitigate the Spectre Variant 2 vulnerability —CVE-2017-5715. The Meltdown (CVE-2017-5754) and Spectre variant 1 (CVE-2017-5753) vulnerabilities —which became […]
Over 30 Lawsuits Filed Against Intel for CPU Flaws
More than 30 lawsuits have been filed by Intel customers and shareholders against the chip giant following the disclosure of the Meltdown and Spectre attack methods. Three class action lawsuits were filed against Intel within a week of the Meltdown and Spectre flaws being disclosed, but the number had reached 32 by […]