A glut of WordPress sites have fallen victim to both malware infections and a series of brute force attacks that have making the rounds over the past several days, researchers claim.
Browsing Category: Web Security
The critical vulnerability in the TAILS operating system discovered by researchers at Exodus Intelligence lies in the I2P software that’s bundled with the OS and the company has released some details and a video demonstrating an exploit against the bug.
Mozilla has released a new version of Firefox, which includes patches for 11 security vulnerabilities. Three of the bugs fixed in Firefox 31 are critical, including a use-after-free vulnerability and a handful of memory safety issues.
There are several security issues that aren’t patched in the new release of the OS Tails that have been identified by researchers at Exodus Intelligence.
Privacy Badger is one of a new generation of tools designed to help users block much of the silent, pervasive tracking that’s done on the Web today, a lot of which is accomplished through social media channels.
The EFF is working on an open wireless router firmware that’s designed to be a secure and flexible alternative to the existing software that runs on home and small business routers, much of which is notoriously insecure. The Open Wireless Router project, which the organization announced at the HOPE X conference over the weekend, is[...]
The rise of sophisticated new online tracking mechanisms, including one known as ‘canvas fingerprinting’ that’s been infiltrating the Internet, could soon raise the ire of privacy conscious users.
There’s a new kid on the crypto ransomware block, known as Critroni, that’s been sold in underground forums for the last month or so and is now being dropped by the Angler exploit kit. The ransomware includes a number of unusual features and researchers say it’s the first crypto ransomware seen using the Tor network for command and control.
There are five vulnerabilities fixed in the latest release of the Apache Web server, including a buffer overflow and several denial-of-service vulnerabilities. Fixes for these flaws have landed in the developer release of the server, 2.4.10-dev. The buffer overflow vulnerability is rated moderate by the Apache Software Foundation, but it could be used for remote code[...]
An easily available and stout defense against cross-site scripting – content security policy – is sparsely deployed because it is not compatible with most websites.