Here is our latest news roundup of articles about network and SSL security. Click here to see the whole series.
SSL & Encryption News
- In mid-April, DigiCert announced the opening of our CertCentral BETA program and two new services. Certificate Monitoring offers continuous monitoring and Express Install eases the certificate installation and configuration process.
- Both Google Chrome and Mozilla Firefox announced that they are implementing HTTP/2 over TLS.
Vulnerabilities
- Cylance researchers discovered an attack technique based on a known 20-year-old vulnerability. The attack technique affects all versions of Windows and could expose login credentials.
- A major flaw was found in Firefox’s new opportunistic encryption feature, causing them to disable the feature not even a week after they introduced it.
- Because of a recently discovered vulnerability, hackers could delete all YouTube videos.
- Weak passwords and other flaws make e-voting machines an easy target for hackers.
- A flaw found in routers commonly used in hotels puts guests at risk.
Malware
- Malware lurks within fake games pages from Stream, a popular gaming catalogue for PC, Macs, and Linus games.
- Researchers discover Dyre Wolf malware that circumvents two-factor authentication, stealing more than $1 million.
- New PoS malware named Punkey attacks PoS systems and installs a keylogger to record everything an employee types.
Cybercrime
- Law enforcement has finally taken down Simba, the botnet that plagued more than 770,000 computers in the world.
Internet of Things
- A new report shows that the cockpit controls of commercial planes offering in-flight WiFi are vulnerable to hackers.
Reports/White Papers
- New infographic shows alternative forms of authentication.
- What is the weak link in companies that makes a data breach possible? According to a new survey, employees are the weak link.
- The 2015 Verizon Data Breach Investigations Report sheds some light on the cost of data breaches.
- A recent study by ISACA and RSA Conference highlights the expectations of cyber-attacks in 2015 and organizations inability to hire the right people to help mitigate them.
Events
- Find out what you missed at RSA Conference 2015.