The makers of the popular messaging app Confide said Wednesday it has patched multiple security vulnerabilities that could have allowed hackers to intercept messages sent using its secure end-to-end messaging platform.
Tag Archives: Web Security
Firefox 52 Expands Non-Secure HTTP Warnings, Enables SHA-1 Deprecation
The latest version of Firefox expands non-secure HTTP warnings, enables SHA-1 deprecation by default, and removes support for NPAPI.
WordPress 4.7.3 Patches Half-Dozen Vulnerabilities
WordPress released version 4.7.3 which patches six vulnerabilities including one that could be chained with the REST API Endpoint vulnerability.
Unpatched Western Digital Bugs Leave NAS Boxes Open to Attack
Western Digital NAS owners were warned of critical flaws in the company’s My Cloud line of hardware that opened up data stored on those devices to attack.
Active Defense Bill Raises Concerns Of Potential Consequences
A bill that would exclude organizations from prosecution for hacking back is already stirring up some concerns about potential unintended consequences.
Spammer’s Leaky Backup Exposes Massive Empire
A massive spam operation that sent out more than one billion messages a day was exposed by researchers who called the operation “illegal” and a “tangible threat to online privacy and security.”
New Fileless Attack Using DNS Queries to Carry Out PowerShell Commands
A unique attack called DNSMessenger uses DNS queries to carry out malicious PowerShell commands on compromised computers.
HackerOne Offers Open Source Projects Free Access to Platform
HackerOne announced a free version of its platform for open source projects.
Threatpost News Wrap, March 3, 2017
The news of the week is recapped, including the fallout around CloudBleed, the CloudPets breach, and a Slack token bug. The life of Howard Schmidt is also remembered.
Cisco Warns of High Severity Bug in NetFlow Appliance
Cisco is warning of a flaw that creates conditions susceptible to a DoS attack in its NetFlow Generation Appliance.