Multiple HTTP/2 implementations are vulnerable to denial-of-service attacks

Multiple HTTP/2 implementations are vulnerable to a variety of denial-of-service (DoS) attacks. Netflix discovered several resource exhaustion vectors affecting a

Read more

FBI warns users to be wary of phishing sites abusing HTTPS

This week the FBI issued a warning that too many web users view the padlock symbol and the ‘S’ on the end

Read more

ISP Address Blank In Direct Access Client Statistics

If you are a Direct Access administrator you may need to locate a client’s real IP address, the one given

Read more

Cloudflare Has Two New Tools for Detecting HTTPS Interception

The practice of HTTPS interception continues to be commonplace on the Internet. HTTPS interception has encountered scrutiny, most notably in

Read more

Netgate pfSense sshguard Implementation Access Bypass Vulnerability [CVE-2018-20799]

CVE Number – CVE-2018-20799 A vulnerability in Netgate pfSense could allow an unauthenticated, remote attacker to bypass security restrictions on

Read more

Squid HTTPS Error Page Cross-Site Scripting Vulnerability [CVE-2018-19131]

CVE Number – CVE-2018-19131 A vulnerability in Squid could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)

Read more

From Today Google Chrome Will Label All HTTP Sites As ‘Not Secure’

The latest version of Chrome (version 68) will now mark all HTTP sites as “not secure.” Up to this point,

Read more

What is HTTPS ?

HTTPS stands for Hypertext Transfer Protocol Secure. It is a technology that ensures secure communication over a computer network, widely

Read more

Browser Non-HTTPS Website Warning

Google have announced (details here) that all HTTP sites will be marked as insecure in version 68 of their Chrome

Read more

Reports Of Increased Use Of Counterfeit Code-Signing Certificates

A recent open source blog post from Insikt suggests there is a small but growing market in counterfeit code-signing certificates. 

Read more
%d bloggers like this: