Tor browser fixes bug that allows JavaScript to run when disabled

Credit to Author: John E Dunn| Date: Tue, 17 Mar 2020 12:16:27 +0000

The Tor browser has a bug that could allow JavaScript to execute on websites even when users think they’ve disabled it for maximum anonymity.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/es39u8LUhmk” height=”1″ width=”1″ alt=””/>

Read more

Firefox rolling out DNS-over-HTTPS privacy by default in the US

Credit to Author: John E Dunn| Date: Fri, 28 Feb 2020 11:31:00 +0000

Mozilla has said it plans to make a privacy technology called DNS-over-HTTPS (DoH) the default setting for US users of Firefox within weeks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/U2NXSe69Ao0″ height=”1″ width=”1″ alt=””/>

Read more

Brave beats other browsers in privacy study

Credit to Author: Danny Bradbury| Date: Thu, 27 Feb 2020 11:32:13 +0000

Users looking for a privacy-focused browser might want to consider Brave first, according to a study published this week.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/nYYmchFylNA” height=”1″ width=”1″ alt=””/>

Read more

Chrome 80 encryption change blocks AZORult password stealer

Credit to Author: John E Dunn| Date: Thu, 27 Feb 2020 11:02:49 +0000

Evidence is emerging that a change made to Chrome 80 might have disrupted the popular data and user profile stealing malware AZORult.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/kjIQgx4g7bk” height=”1″ width=”1″ alt=””/>

Read more

SSL/TLS certificate validity chopped down to one year by Apple’s Safari

Credit to Author: John E Dunn| Date: Mon, 24 Feb 2020 11:42:33 +0000

From 1 September 2020, Safari will no longer trust SSL/TLS certificates with more than a year on the clock.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/cpkLvAwmg9A” height=”1″ width=”1″ alt=””/>

Read more

Apple chops Safari’s TLS certificate validity down to one year

Credit to Author: John E Dunn| Date: Mon, 24 Feb 2020 11:42:33 +0000

From 1 September 2020, Safari will no longer trust SSL/TLS certificates with more than a year on the clock.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/cpkLvAwmg9A” height=”1″ width=”1″ alt=””/>

Read more

Firefox 73.0.1 fixes crashes, blank web pages and DRM niggles

Credit to Author: John E Dunn| Date: Thu, 20 Feb 2020 11:20:44 +0000

Firefox version 73 has only been out for a week but already Mozilla has had to update it to v73.0.1 to fix a range of browser problems.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/caf79LMUoQo” height=”1″ width=”1″ alt=””/>

Read more

Google pulls 500 malicious Chrome extensions after researcher tip-off

Credit to Author: John E Dunn| Date: Mon, 17 Feb 2020 12:07:48 +0000

Google has abruptly pulled over 500 Chrome extensions from its Web Store that researchers discovered were stealing browsing data and executing click fraud and malvertising.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/izP6lapUPOU” height=”1″ width=”1″ alt=””/>

Read more

IE zero day and heap of RDP flaws fixed in February Patch Tuesday

Credit to Author: John E Dunn| Date: Thu, 13 Feb 2020 12:52:59 +0000

Microsoft has finally patched the Internet Explorer (IE) zero-day flaw the company said in January was being used in “limited targeted attacks”.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/JI_KRna6j1I” height=”1″ width=”1″ alt=””/>

Read more

Mozilla issues final warning to websites using TLS 1.0

Credit to Author: John E Dunn| Date: Wed, 12 Feb 2020 16:13:57 +0000

From March, the Firefox, Chrome, Safari and Edge browsers will show warnings when users visit websites that only support TLS versions 1.0 or 1.1.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/3oMQ9dp5jKA” height=”1″ width=”1″ alt=””/>

Read more