Here is our latest roundup of news about digital security in our connected world. Click here to see the whole series.
DigiCert acquired DNS Made Easy, a provider of managed Domain Name System (DNS) services for enterprises. This expands DigiCert’s digital trust portfolio and will enable DigiCert to offer a seamless approach to certificate lifecycle management.
DigiCert announced support for the Matter protocol, the first effort to provide a standard for secure, reliable interoperability for smart home devices, mobile apps and cloud services. DigiCert was invited as the global leader in digital trust to help develop the PKI specification for the Matter protocol, and as the time approaches for manufacturers to adopt the standard, DigiCert offers support to manufactures to become matter compliant.
Microsoft retired Internet Explorer June 15. Internet Explorer had been functioning for about 27 years and Microsoft is retiring it in favor of the newer Microsoft Edge. If users are still going to Internet Explorer, Microsoft plans to temporarily redirect them to Microsoft Edge.
A failure to renew a certificate led to an eight-hour podcast outage for shows hosted by Megaphone. The outage left users without access to Megaphone CMS or the ability to download from Megaphone-hosted publishers. Megaphone hosts some of the top podcasts in the industry and is owned by Spotify.
A highly sophisticated malware, ZuoRAT, was discovered on routers in North America and Europe that appears to come from advanced hackers, possibly by a nation-state actor. Researchers say the malware could give the hackers full control of connected devices using Windows, macOS and Linux, and is probably part of a broader campaign that has gone since Q4 2020.
A new vulnerability found in smart hot tubs left personal data, like names and email addresses, of owners exposed. The SmartTubs allow owners to remotely manage them (control water temperature, switch on and off lights or jets) with an app. Researchers say that hackers could potentially control these features as well.
Several malicious Python libraries were caught stealing AWS credentials and network information and transferring them to a remote endpoint. Unfortunately, the endpoints stored this information in .TXT files with no authentication, leaving them open to anyone on the web.