Too busy working all week to keep up with the most interesting stories coming out of the technology and security industries? Below are our recommendations for a roundup of the top stories happening now that you need to know.
23,000 HTTPS certificates axed after CEO emails private keys
A major dust-up on an Internet discussion forum is touching off troubling questions about the security of some browser-trusted HTTPS certificates when it revealed the CEO of a certificate reseller emailed a partner the sensitive private keys for 23,000 TLS certificates. Read more…
Equifax Discloses 2.4 Million More Mega-Breach Victims
Equifax says it identified 2.4 million U.S. consumers whose names and snippets of their driver's license numbers were stolen, adding to what is one of the largest and most sensitive data breaches on record. Read more…
Big banks want to weaken the internet’s underlying security protocol
The tech and financial industries are butting heads over the latter’s push to intentionally weaken a security protocol that underlies how the public securely accesses the vast majority of the internet. Critics are charging that the financial industry is pushing for a weakness in the new version of the Transport Layer Security (TLS) protocol, all for the sake of avoiding the time, effort and resources needed to adapt to the new standard. Read more…
Another massive DDoS internet blackout could be coming your way
A massive internet blackout similar to the Dyn DNS outage in 2016 could easily happen again, despite relatively low-cost countermeasures, according to a new study. The DDoS attack on Dyn took many major web sites offline for most of a day, including Twitter, PayPal, Reddit, Amazon, and Netflix. Millions of compromised IoT devices, belonging to the Mirai botnet, flooded Dyn's DNS service with up to 1.2 TBps of bogus traffic, making it impossible to respond to genuine DNS requests for their customers' websites. Read more…
No comments:
Post a Comment