Blog

Community news and analysis: November 2014

Posted on December 12, 2014 - 13:49 by ccondon

Featured news

New open source Google tool tests web security scanners. Dubbed ‘Firing Range,’ the tool functions as a test ground for automated scanners and will help verify the detection capabilities of security tools. Details here.

Google study delves into manual account hijacking incidents: tactics used, success rates, damage done, and more.

Malware

ESET: First in-the-wild exploitation of Unicorn vulnerability affecting IE versions 3-11.

Fortinet: The rebirth of Dofoil—new malware variant marks the resurrection of an old botnet. 

Sucuri: RSS reveals malware injections.

Other security news

Sophos: Carder. su fraudster jailed for 9 years, ordered to pay $50.8 million.

Over the next few months, Chrome and Firefox are changing the way they treat certain website certificates. Specifically, SHA-1 certificates will be treated as less trustworthy. This change affects a lot of websites—see CloudFlare’s explanation here. (Google's explanation from September is here.)

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.