The Let’s Encrypt initiative reached yet another milestone this week when it entered public beta, a step that it claims will help make it easier for website owners to embrace HTTPS encryption.
Tag Archives: Web Security
OpenSSL Patches Bring Last Update for 0.9.8 and 1.0.0 Branches
The OpenSSL Software Foundation patched four vulnerabilities on Thursday, likely the last time that two older versions of the software library will receive updates.
Relentless Sofacy APT Attacks Armed With Zero Days, New Backdoors
Researchers at Kaspersky Lab release an update on the Sofacy gang, also known as APT28, explaining a set of new malware implants, backdoors and zero days at the group’s disposal.
Flash’s Farewell Under Way
Adobe’s announcement that it has retooled—and renamed—Flash is a longterm signal that the vulnerable and fatigued platform is on its last legs.
Cisco Patches WebEx App for Android, Warns of Unpatched Flaws
Cisco patched its WebEx mobile app for Android, and published advisories warning of vulnerabilities in three other products.
Advantech ICS Gear Still Vulnerable to Shellshock, Heartbleed
Rapid7 disclosed that Advantech EKI industrial control gear remains vulnerable to Shellshock and Heartbleed, in addition to a host of other vulnerabilities.
Google Ends Chrome Support on 32-bit Linux, Releases Chrome 47
Google released Chrome 47 this week and announced that it will end Chrome support for older, 32-bit Linux distributions early next year.
China APT Gang Targets Hong Kong Media via Dropbox
A Chinese APT gang is targeting Hong Kong media outlets with backdoors that connect to legitimate Dropbox accounts.
Embedded Devices Share, Reuse Private SSH Keys, HTTPs Certificates
Thousands of embedded devices share cryptographic keys and certificates, exposing millions of connections to man-in-the-middle attacks.
Nuclear Exploit Kit Spreading Cryptowall 4.0 Ransomware
An attacker working off domains belonging to Chinese registrar BizCN has been moving the Cryptowall 4.0 ransomware via the Nuclear Exploit Kit.