Explained: Domain fronting
Domain fronting is a technique to hide the true origin of HTTPS requests by hiding the real domain name encrypted inside a legitimate TLS request.
Read morehttps
Cloudflare Tunnel increasingly abused by cybercriminals
Categories: News Tags: Cloudflare Tunnel Tags: cloudflared Tags: rdp Tags: https Tags: smb Tags: ssh Researchers have found that cybercriminals are shifting to Cloudflare Tunnel to hide and anonymize their nefarious activities. |
The post Cloudflare Tunnel increasingly abused by cybercriminals appeared first on Malwarebytes Labs.
Read morePublic and free WiFi: Can I safely use it?
Categories: News Categories: Personal Tags: Free Tags: public Tags: WiFi Tags: HTTPS Tags: TLS Tags: VPN The Internet has changed. A lot. Does that make it safer to use public, free WiFi? |
The post Public and free WiFi: Can I safely use it? appeared first on Malwarebytes Labs.
Read moreTor’s (security) role in the future of the Internet, with Alec Muffett
Credit to Author: Malwarebytes Labs| Date: Mon, 06 Jun 2022 05:51:33 +0000
This week on Lock and Code, we talk about the often-undiscussed security benefits of Tor networking, also called onion networking.
The post Tor’s (security) role in the future of the Internet, with Alec Muffett appeared first on Malwarebytes Labs.
Read moreRocket Loader skimmer impersonates CloudFlare library in clever scheme
Credit to Author: Jérôme Segura| Date: Tue, 10 Mar 2020 15:46:13 +0000
 | |
| URLs can be deceiving, but the one used to mimic CloudFlare’s Rocket Loader in the latest Magecart attack takes it to a whole new level. Categories: Tags: HTTPSJavaScriptMagecartskimmerskimming |
The post Rocket Loader skimmer impersonates CloudFlare library in clever scheme appeared first on Malwarebytes Labs.
Read moreLet’s Encrypt issues one billionth free certificate
Credit to Author: Danny Bradbury| Date: Mon, 02 Mar 2020 13:06:25 +0000
Thanks to this flood of free certificates, the web is a lot more encrypted than it was a few years ago.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/m_p5aVh50cI” height=”1″ width=”1″ alt=””/>
Read moreFirefox rolling out DNS-over-HTTPS privacy by default in the US
Credit to Author: John E Dunn| Date: Fri, 28 Feb 2020 11:31:00 +0000
Mozilla has said it plans to make a privacy technology called DNS-over-HTTPS (DoH) the default setting for US users of Firefox within weeks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/U2NXSe69Ao0″ height=”1″ width=”1″ alt=””/>
Read moreSSL/TLS certificate validity chopped down to one year by Apple’s Safari
Credit to Author: John E Dunn| Date: Mon, 24 Feb 2020 11:42:33 +0000
From 1 September 2020, Safari will no longer trust SSL/TLS certificates with more than a year on the clock.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/cpkLvAwmg9A” height=”1″ width=”1″ alt=””/>
Read moreApple chops Safari’s TLS certificate validity down to one year
Credit to Author: John E Dunn| Date: Mon, 24 Feb 2020 11:42:33 +0000
From 1 September 2020, Safari will no longer trust SSL/TLS certificates with more than a year on the clock.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/cpkLvAwmg9A” height=”1″ width=”1″ alt=””/>
Read moreGoogle Chrome to start blocking downloads served via HTTP
Credit to Author: John E Dunn| Date: Mon, 10 Feb 2020 11:59:34 +0000
Google has announced a timetable for phasing out insecure file downloads in the Chrome browser starting with desktop version 81 due next month.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/pLJD5xgjayo” height=”1″ width=”1″ alt=””/>
Read more