Browsing Category: Web Security

Researchers Plan to Disclose Critical Bugs to TAILS Team Soon

The developers of the TAILS operating system are poised to release a new version of the software–which is designed to preserve privacy and anonymity–and it includes several security fixes. However, there are several other security issues that aren’t patched in the new release, vulnerabilities identified by researchers at Exodus Intelligence, who have not disclosed the bugs[...]

Read more...

Privacy Badger Extension Blocks Tracking Through Social Icons

Categories: Privacy, Web Security

Online tracking has been a thorny problem for years, and as Web security companies, browser vendors and users have become more aware of the problem and smarter about how to defend themselves, ad companies and trackers have responded in kind. The advent of social networks has made it far easier for tracking companies to monitor user behavior across[...]

Read more...

EFF Releases Open Wireless Router Firmware

The EFF is working on an open wireless router firmware that’s designed to be a secure and flexible alternative to the existing software that runs on home and small business routers, much of which is notoriously insecure. The Open Wireless Router project, which the organization announced at the HOPE X conference over the weekend, is[...]

Read more...

Critroni Crypto Ransomware Seen Using Tor for Command and Control

There’s a new kid on the crypto ransomware block, known as Critroni, that’s been sold in underground forums for the last month or so and is now being dropped by the Angler exploit kit. The ransomware includes a number of unusual features and researchers say it’s the first crypto ransomware seen using the Tor network for command and control.

Read more...

Five Vulnerabilities Fixed in Apache Web Server

There are five vulnerabilities fixed in the latest release of the Apache Web server, including a buffer overflow and several denial-of-service vulnerabilities. Fixes for these flaws have landed in the developer release of the server, 2.4.10-dev. The buffer overflow vulnerability is rated moderate by the Apache Software Foundation, but it could be used for remote code[...]

Read more...

OpenVPN Warns Customers of CSRF Bug in Access Server Desktop Client

OpenVPN is advising users of its Desktop Client to upgrade as soon as possible to avoid attacks against a CSRF vulnerability that can allow remote code execution. The vulnerability lies in a product that the company no longer supports and considers obsolete. An attacker could exploit the vulnerability if a user running a vulnerable version visits[...]

Read more...

Large-Scale DDoS Attacks Continue to Spike

Categories: Hacks, Web Security

Although the average size of a given DDoS attack is going down, the number of attacks at the upper end of the scale is increasing, with researchers at Arbor Networks reporting more than 100 attacks of 100 Gbps in the first half of this year. In order for a DDoS attack to be effective, bad[...]

Read more...