InfoQ reports on surprising results from research sponsored by the Institutes for Application Security and System Security at Germany’s Technische UniversitÃt Braunschweig: A study published in June 2019 reveals that in the Alexa Top 1 million websites, one out of 600 sites executes WebAssembly (Wasm) code. The study moreover finds that over 50% of those sites using WebAssembly apply it for…
Tag: Websites
Facebook, Mozilla, and Cloudflare Announce New TLS Delegated Credentials Standard
Facebook, Mozilla, and Cloudflare announced today a new technical specification called TLS Delegated Credentials, currently undergoing standardization at the Internet Engineering Task Force (IETF). From a report: The new standard will work as an extension to TLS, a cryptographic protocol that underpins the more widely-known HTTPS protocol, used for loading websites inside browsers via an encrypted connection. The TLS Delegate Credentials…
Privacy attack on DNA website reveals 93 per cent of a person’s data
One of the world’s biggest genetic genealogy websites, GEDmatch, has a vulnerability that means people’s data could be accessed without their permission Source: https://www.newscientist.com/article/2221972-privacy-attack-on-dna-website-reveals-93-per-cent-of-a-persons-data/?utm_campaign=RSS%7CNSNS&utm_source=NSNS&utm_medium=RSS&utm_content=home…
Comcast Argues ‘We’ve Never Sold Customers’ Data’
An anonymous reader quotes MediaPost: Faced with a new controversy related to online privacy, Comcast said this week that it doesn’t draw on information about the sites broadband users visit for advertising or targeting. The company said Thursday that it deletes information every 24 hours about the domain names people navigate to online. “Millions of Comcast customers look up billions of…
Nasty PHP7 Remote Code Execution Bug Exploited in the Wild on NGINX Servers
nickwinlund77 shares this story from ZDNet: A recently patched security flaw in modern versions of the PHP programming language is being exploited in the wild to take over servers, ZDNet has learned from threat intelligence firm Bad Packets. The vulnerability is a remote code execution (RCE) in PHP 7, the newer branch of PHP, the most common programming language used to…
City of Johannesburg Hit by Ransomware, Again
A hacker group going by the name of Shadow Kill Hackers has infected the city of Johannesburg’s internal network with ransomware and is holding South Africa’s largest city for ransom. From a report: The hackers are demanding 4 bitcoins to be paid by next Monday, October 28, 5 pm, local time, or they claim they’ll upload the city’s data on the…
Chrome 78 Arrives With New APIs, Dark Mode Improvements On Android and iOS
An anonymous reader quotes a report from VentureBeat: Google today launched Chrome 78 for Windows, Mac, Linux, Android, and iOS. The release includes the CSS Properties and Values API, Native File System API, new Origin Trials, and dark mode improvements on Android and iOS. You can update to the latest version now using Chrome’s built-in updater or download it directly from…
New Bill Promises an End To Our Privacy Nightmare, Jail Time To CEOs Who Lie
An anonymous reader quotes a report from Motherboard: Oregon Senator Ron Wyden has unveiled updated privacy legislation he says will finally bring accountability to corporations that play fast and loose with your private data. Dubbed the Mind Your Own Business Act, the bill promises consumers the ability to opt out of data collection and sale with a single click. It also…
UK scraps plan to enforce age checks on pornography websites
The UK government has dropped plans to introduce age verification measures designed to prevent children from accessing pornography online, which had sparked concerns about privacy Source: https://www.newscientist.com/article/2220220-uk-scraps-plan-to-enforce-age-checks-on-pornography-websites/?utm_campaign=RSS%7CNSNS&utm_source=NSNS&utm_medium=RSS&utm_content=home…
Apple Responds To Reports That It is Sharing Data With Tencent
Over the weekend, reports emerged that claimed that Apple was sending users’ browsing details to Tencent to run it against Chinese company’s safe browsing feature. In a statement on Monday, an Apple spokesperson has offered a clarification: Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in…