Slack has fixed a bug that allowed attackers to hijack user accounts by tampering with their HTTP sessions.
Monthly Archives: March 2020
Tor browser fixes bug that allows JavaScript to run when disabled
The Tor browser has a bug that could allow JavaScript to execute on websites even when users think they’ve disabled it for maximum anonymity.
WordPress to get automatic updates for plugins and themes
Good news for website admins: the ability to automatically update plugins and themes is being beta-tested for WordPress 5.5, due in August.
Europol busts up two SIM-swapping hacking rings
What a nightmare: your phone goes dead, and you can’t log into your bank account because it’s controlled by a hacker who’s draining you dry.
Microsoft patches wormable Windows 10 ‘SMBGhost’ flaw
What’s the difference between a scheduled security update and one that’s out-of-band? In this case, it’s two days.
Report calls for web pre-screening to end UK’s child abuse ‘explosion’
The IICSA report cited “unprecedented levels of depravity” and said that encryption is getting in the way of current screening.
Open source bugs have soared in the past year
Open source bugs have skyrocketed, according to a report from WhiteSource, with XSS flaws account for a quarter of those bugs.
Senate bill would ban TikTok from government phones
Concerns over cybersecurity risk and possible spying by China have already brought about bans from DHS, DoD, TSA, and the State Department.
EARN IT Act threatens end-to-end encryption
The bill, which would undercut Section 230 protections for online publishing, presents itself as a way to stop online child abuse.
Homeland Security sued over secretive use of face recognition
As of June 2019, CBP had processed more than 20 million travelers using facial recognition, civil rights group ACLU says.