The Electronic Frontier Foundation (EFF) today released Certbot 1.0: a free, open source software tool to help websites encrypt their traffic and keep their sites secure.
Certbot was first released in 2015, and since then it has helped more than two million website administrators enable HTTPS by automatically deploying Let’s Encrypt certificates. Let’s Encrypt is a free certificate authority that EFF helped launch in 2015, now run for the public’s benefit through the Internet Security Research Group (ISRG).
HTTPS is a huge upgrade in security from HTTP. For many years, web site owners chose to only implement HTTPS for a small number of pages, like those that accepted passwords or credit card numbers. However, in recent years, it has become clear that all web pages need protection. Pages served over HTTP are vulnerable to eavesdropping, content injection, and cookie stealing, which can be used to take over your online accounts.
We are happy to introduce the new Nitrokey FIDO2! The device can be ordered now and will be delivered within the next days. Nitrokey FIDO2 convinces by easy handling, two-factor authentication (2FA) and it can be used for passwordless login instead of a password. This brings us one step closer to our motto “secure your digital life”.
As we draw ever closer to Black Friday, Cyber Monday, and all the shopping days in between, you’ll have no shortage of cheap, flashy, internet-connected gadgets to choose from for holiday gifts. But in the frenzy, don’t forget that the widgets you buy will live at recipients’ houses—or on their wrists—for months or years to come. With that in mind, it’s worth considering the security and privacy risks involved, so you know what you’re getting people into before they unwrap the box.
Chicago based Information Security company named Trustwave has discovered a new cyber threat campaign in disguise of Microsoft Update. The Illinois based Cybersecurity company’s team of experts from its subsidiary SpiderLabs have found that an email campaign in the name of Microsoft is doing round from the past few weeks which is actually a phishing campaign spreading Cyborg Ransomware.
Did Android users celebrate loudly when Google announced support for Accelerated Mobile Pages for Email (AMP4Email) in its globally popular Gmail service in 2018?
Highly unlikely. Few will even have heard of it, nor have any idea why the open source technology might improve their webmail experience.
They might, however, be interested to learn that a researcher, Michał Bentkowski, of Securitum, recently discovered a surprisingly basic security flaw affecting Google’s implementation of the technology.
If you think brand new Android smartphones are immune from security vulnerabilities, think again – a new analysis by security company Kryptowire uncovered 146 CVE-level flaws in devices from 29 smartphone makers.
Without studying all 146 in detail, it’s not clear from the company’s list how many were critical flaws, but most users would agree that 146 during 2019 alone sounds like a lot.
The sort of things these might allow include the modification of
system properties (28.1%), app installation (23.3%), command execution
(20.5%), and wireless settings (17.8%).
Remember, these devices, which included Android smartphones made by Samsung and Xiaomi, had never even been turned on, let alone downloaded a dodgy app – these are the security problems shipped with your new phone, not ones that compromise the device during its use.