How hidden mining threatens your business
Credit to Author: Yaroslava Ryabova| Date: Wed, 07 Mar 2018 13:54:03 +0000
Cybercriminals weaponize hidden mining. We tell you how it works and how to protect your company
Read moreinternet
Chrome 68 to condemn all unencrypted sites by summer
Credit to Author: Gregg Keizer| Date: Tue, 13 Feb 2018 03:10:00 -0800
Google has put a July deadline on a 2016 promise that its Chrome browser would tag all websites that don’t encrypt their traffic.
“Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as ‘not secure,'” wrote Emily Schechter, a Chrome security product manager, in a Feb. 8 post to a company blog.
Google has scheduled Chrome 68 to release in Stable form – analogous to production-level quality – during the week of July 22-28.
Starting then, Chrome will insert a “Not secure” label into the address bar of every website that uses HTTP connections between its servers and users. Sites that instead rely on HTTPS to encrypt the back-and-forth traffic will display their URLs normally in the address bar.
Web miners in YouTube ads
Credit to Author: Anna Markovskaya| Date: Mon, 05 Feb 2018 13:40:24 +0000
While you’re watching YouTube, someone might just be using your device to mine cryptocurrency.
Read moreSelling cryptocastles in the sky
Credit to Author: Anna Markovskaya| Date: Fri, 02 Feb 2018 14:00:25 +0000
The cryptomining boom is helping scammers make money out of thin air. The latest method involves fake currency and ransomware.
Read moreMozilla mandates that new Firefox features rely on encrypted connections
Credit to Author: Gregg Keizer| Date: Thu, 18 Jan 2018 10:37:00 -0800
Mozilla this week decreed that future web-facing features of Firefox must meet an under-development standard that requires all browser-to-server-and-back traffic be encrypted.
“Effective immediately, all new features that are web-exposed are to be restricted to secure contexts,” wrote Mozilla engineer Anne van Kesteren in a post to a company blog. “A feature can be anything from an extension of an existing IDL-defined object, a new CSS property, a new HTTP response header, to bigger features such as WebVR.”
Secure contexts, dubbed a “minimum security level,” is a pending standard of the W3 (World Wide Web Consortium), the primary standards body for the web. Secure contexts’ main purpose, according to its documentation: “Application code with access to sensitive or private data be delivered confidentially over authenticated channels that guarantee data integrity.”
HTTPS doesn’t mean safe
Credit to Author: Yaroslava Ryabova| Date: Wed, 17 Jan 2018 16:26:49 +0000
Many people assume that an HTTPS connection means that the site is secure. In fact, HTTPS is increasingly being used by malicious sites, especially phishing ones.
Read moreHow blockchain makes self-sovereign identities possible
Credit to Author: Phillip Windley| Date: Wed, 10 Jan 2018 03:12:00 -0800
One of the curious constructions of the Internet is the term identity provider. You don’t need anyone to provide you with an identity, of course. You have an innate one by virtue of being human. Rather, so-called identity providers, or IDPs, provide you with an identifier, a means of recording attributes important to that provider, and some method of proving it’s you – usually a password.
This is not surprising since online identity has traditionally been viewed through the lens of an organization and its needs, not the individual and his or her needs. Identity systems are created to administer identifiers and attributes within a specific domain. The result: people end up with hundreds of online personas at hundreds of organizations. Each of these administrative identity systems is proprietary and owned by the organization that provides it; you really don’t have an online identity that’s independent of these many systems. Got a new address, or an updated credit card number? You’ll have to deal with each of these systems one at a time in whatever manner they require.
Scrimping on software could blow a hole in your budget
Credit to Author: Anna Markovskaya| Date: Tue, 02 Jan 2018 14:00:22 +0000
Hacked programs freely distributed online are found to be equipped with a hidden NiceHash cryptocurrency miner.
Read more