How effective are the security questions—and answers—used to protect sensitive accounts and information? Not very, according to new Google research. Read about how easy it is for hackers and bots to guess answers to common questions, and what users can do about it.
Google also published research last month on the ad injection economy (key findings here, full report here).
Mozilla sent a communication to CAs with root certificates included in Mozilla’s program; Mozilla, acting in the best interest of users, asked CAs to respond to five action items. They’ve stated they intend to publish the responses this month.
WordPress users: The Automattic team released WordPress 4.2.2, featuring critical security fixes, the first week of May. Please make sure you’re updated!
DomainTools put together their first report profiling malicious domains by delving into domain registration attributes and overlaying this with data on malicious activity. Their summary links to the full report here.