CloudBleed is the unofficial name for a security issue discovered on February 17th, 2017 that affected CloudFlare's reverse proxies. CloudFlare is a large provider that is used by more than 5.5 million Internet properties according to the company's website. It offers CDN and DDOS protection, optimization technologies for websites, dedicated SSL and a lot more. […]
Computer security has always been important, but the rise of the Internet and the global Internet community have made it more pressing than ever. New threats have emerged with the Internet, including phishing attacks that spread via email, computer worms that replicate over the Internet, a new bread of trojans that take over a computer to include it in a bot network that is used for malicious activities, and spam and viruses are all threats that Internet users encounter these days.
We cover security updates when they are released for major software including Microsoft Windows, plugins like Java or Adobe Flash, and web browsers like Google Chrome or Firefox. In addition, we are also reporting about services, online and offline, that help you protect your systems against security threats, and post tutorials that explain how to recover a system when it has been successfully attacked.
Google disclosed a security vulnerability in Microsoft Edge and Internet Explorer yesterday that Microsoft failed to patch up until now. This is the second vulnerability that Google disclosed this mean. Last week, the company disclosed a Windows vulnerability that affected the gdi32.dll dynamic link library in Windows. The new vulnerability that Google disclosed yesterday affects […]
Google Project Zero member Mateusz Jurczyk disclosed a gdi32.dll vulnerability in the Windows operating system to Microsoft on November 16, 2016. The report itself is quite technical and it would go too far to go into details here on the site. The following describes the turn of events however. Jurczyk disclosed issues with gdi32.dll to […]
Researchers have developed a cross-browser fingerprinting technique that uses operating system and hardware level features. Fingerprinting has been limited for the most part to individual web browsers in the past. If a user switched browsers regularly, fingerprinting could not be used to link the user to these browsers. Fingerprinting tests like the Electronic Frontier Foundation's […]
The United States Computer Emergency Readiness Team (US-CERT) published a vulnerability note yesterday about a new zero-day vulnerability affecting Microsoft Windows 8, 10 and Server editions. It reads: Microsoft Windows contains a memory corruption bug in the handling of SMB traffic, which may allow a remote, unauthenticated attacker to cause a denial of service or […]
Malwarebytes 3.0.6 is the latest version of the popular security program for Windows that is available as a free and premium version. The company, also called Malwarebytes, released version 3.0 of the program not too long ago. The update changed things around quite a bit, and not all for the better. The new Malwarebytes unified […]
Don't touch my tabs! (rel=noopener) is a Firefox add-on that adds rel="noopener" to external links on sites open in Firefox automatically. Noopener_by_default is a userscript that does the same for links. Did you know that sites that you load by clicking on links may manipulate the page the link was posted on? Imagine two HTML […]
Researchers have discovered a new phishing attack that is currently underway that is targeting Google Gmail accounts in a sophisticated way. What's interesting about this specific attack is that it uses a new method, one that could even lure tech savvy users into its trap. The attacks begin with compromised Gmail accounts. The attackers use […]
Security researchers found a backdoor in the popular messaging application WhatsApp recently that could allow WhatsApp to intercept and read user messages. Facebook, the owner of WhatsApp, claims that it is impossible to intercept messages on WhatsApp thanks to the services end-to-end encryption. The company states that no one, not even itself, can read what […]
If you encrypt the hard drive of a computer running Windows 7, and then on the same computer running Windows 10, you will notice that the encryption process is faster on Windows 7. Bitlocker is a built-in disk encryption program that you can use to encrypt data so that it cannot be accessed by third-parties. […]
Most modern web browsers support comfortable features like auto-filling forms on sites using data that you have entered in the past. Instead of having to enter your name, email address or street address whenever you sign up for a new account for instance, you'd fill out the data once only and have the browser fill […]
Ransim is a ransomware simulator for Windows that simulates attacks of ten ransomware families against the computer system. Ransomware is without doubt a relatively new threat category that has gained some prominence in recent time. Security companies have added ransomware protection to their tools as a response, or released standalone programs with the aim to […]
Netgear has released the first batch of production firmware fixes for company routers affected by a serious security vulnerability. Cert issued a warning on December 9, 2016 that several Netgear routers are vulnerable to arbitrary command injection. Cert listed only two router models but has since then added other models to the list. Currently, the […]
Avira Password Manager is a new security product by German company Avira which is probably best known for its antivirus offerings. The password manager niche is crowded, and if you want to conquer it with a new product, you better make sure it is offering something unique. Avira's reputation may certainly help the company acquire […]