Tuesday, March 3rd, 2015
On Tuesday, March 3, 2015, researchers disclosed a new SSL/TLS vulnerability — the FREAK attack. The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptogrpahy, which can then be decrypted. There are several posts that discuss the attack in detail: ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, February 10th, 2015
A new and improved variant of Simplocker ransomware for Android devices is currently being distributed, according to Avast.
When Simplocker was first identified in June 2014, it was considered possibly the first ransomware for Android devices that encrypts files. However, the encryption key was hardcoded inside the malware and was not ...
Posted in Internet, Mobile, Privacy, Security | No Comments
Friday, November 14th, 2014
The Electronic Frontier Foundation (EFF), an internet freedom watchdog group, is reporting that for the past few months, some ISPs in the US and Thailand have been caught removing encryption from customers’ emails, by stripping a security flag called STARTTLS from the messages.
The STARTTLS flag is an essential security and ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, November 11th, 2014
Remember Heartbleed? You know, the exploit in SSL that was so bad it got its own brand? Microsoft may have an issue of similar scale on its hands with a critical patch issued via Windows Update today.
The patch in question is MS14-066, or otherwise known as the cryptically named “Vulnerability in Schannel ...
Posted in Internet, Privacy, Security, Windows | No Comments
Friday, October 31st, 2014
Facebook has made it easier to access the social network through multiple layers of encryption and without disclosing your true location, by allowing direct access as a hidden service through Tor’s anonymity-focused browser.
Tor sometimes comes up against the security mechanisms of sites — such as Facebook and banking sites — that ...
Posted in Internet, Privacy, Security | No Comments
