Facebook has put developers on notice that as of Oct. 1, apps that do not support SHA-2 will no longer connect to its network.
Tag Archives: Web Security
Zero-Day Disclosed in Unity Web Player
A zero-day vulnerability has been disclosed in the popular Unity Web Player browser plugin. The flaw allows an attacker crossdomain access to websites and services using the victim’s credentials.
Microsoft to Support SSH in Windows
After several false starts, Microsoft finally is planning to support SSH in Windows and the company’s engineers also will contribute to the OpenSSH project. While SSH has been a popular tool for remote login and command execution on many Unix and linux systems for years, Windows has not supported SSH by default, for a variety […]
Audit of GitHub SSH Keys Finds Many Still Vulnerable to Old Debian Bug
An audit of the SSH keys associated with more than a million GitHub accounts shows that some users have weak, easily factorable keys and many more are using keys that are still vulnerable to the Debian OpenSSL bug disclosed seven years ago.
U.S. and Japan to Cooperate on Cybersecurity, Information Sharing
The United States and Japan have agreed to cooperate more closely on cybersecurity and information sharing initiatives as a way to help both countries defend against future threats and attacks. The new initiative will include a variety of components, most notably cooperation during serious incidents, cooperation between the two countries’ cybersecurity and defense units, and […]
Sunset of Section 215 Means All Eyes on USA FREEDOM Act
Now that provisions in Section 215 of the PATRIOT Act allowing for bulk collection of phone metadata have been shot down, all eyes turn to the USA FREEDOM Act.
Slew of Vulnerabilities Found in D-Link Storage Devices
Researchers have identified dozens of vulnerabilities in several D-Link products, some of which allow attackers to bypass authentication requirements or upload arbitrary files to target devices. The vulnerabilities lie in a variety of D-Link network storage devices and the company has produced updated firmware to address some of the problems. Researchers at Search-Lab discovered the […]
Facebook Bolsters Message Security, Adds OpenPGP
Facebook announced early Monday that has adopted OpenPGP encryption and will let users post their public keys on their profile.
Researchers: Hola Fixes Incomplete
Researchers who discovered a half-dozen vulnerabilities in the free Hola VPN said today that fixes rolled out by Hola do not address the security issues they identified.
Crypto Calamity for Blockchain Android App
A poor crypto implementation in the Blockchain Android app results in lost Bitcoin for a number of affected users.