111 matches found
WordPress PHP Everywhere plugin <= 2.0.2 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability discovered by Rasi Afeef in WordPress PHP Everywhere plugin versions = 2.0.2. Solution Update the WordPress PHP Everywhere plugin to the latest available version at least 2.0.3...
What is Tor?
Tor, The Onion Router Tor The Onion Router is free software used to keep your online communications safe and secure from outside observers. It’s designed to block tracking and eavesdropping, resist fingerprinting where services tie your browser and device information to an identity, and to hide t...
The 6 best Chrome extensions for privacy and security
While searching for security- and privacy-improving extensions, users may end up installing an extension that is counterproductive to their goals. To help our readers I have compiled a list of Chrome extensions that can actually help you improve your online privacy and security. Our regular reade...
HTTPS Everywhere - A Browser Extension That Encrypts Your Communications With Many Websites That Offer HTTPS But Still Allow Unencrypted Connections
A browser extension that encrypts your communications with many websites that offer HTTPS but still allow unencrypted connections. Getting Started Get the packages you need and install a git hook to run tests before push: bash install-dev-dependencies.sh Run the ruleset validations and browser...
Moderate: Red Hat Security Advisory: python-novajoin security and bug fix update
An update for python-novajoin is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Reduce cloud adoption risks and deliver superior digital experiences with Akamai Cloud Delivery Platform - Part 1
Businesses are rapidly moving to the cloud and a recent IDG survey indicates that 70% of businesses have at least 1 application in the cloud and 16% plan to take their first app to the cloud in the next 12 months. However public cloud providers present their own challenges. They are unreliable...
Legal Robot: Futureoflife organization URL should be HTTPS
SUMMARY This is just for the awareness to use HTTPS everywhere, even for outgoing links - where it's possible. Treat this report with some salt, not as in hashes. Navigate to: https://www.legalrobot-uat.com/faq/ futureoflife organization URL redirect to HTTPS after click, but cookie is sent on th...
[SECURITY] Fedora 25 Update: icecat-52.0.1-5.fc25
GNUZilla Icecat is a fully-free fork of Mozilla Firefox ESR. Extensions included to this version of IceCat: LibreJS GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article The JavaScript Trap. SpyBlock Blocks privacy trackers while in normal browsing mode, and a...
Google Search Engine Rank Prefers HTTPS
Nothing in Google’s arsenal carries more weight than its search engine rankings. Pair that weapon with a desire to inspire encrypted connections on the web, and you have a pretty powerful combination. More than a year ago, Google said it was testing a method where a site’s search ranking would be...
Sniffly - Sniffing Browser History Using HSTS + CSP.
Sniffly is an attack that abuses HTTP Strict Transport Security and Content Security Policy to allow arbitrary websites to sniff a user's browsing history. It has been tested in Firefox and Chrome. More info available in my ToorCon 2015 slides:...
[SECURITY] Fedora 22 Update: icecat-38.3.0-10.fc22
GNUZilla Icecat is a fully-free fork of Mozilla Firefox. Four extensions are included to this version of IceCat: LibreJS 6.0.10.20150620 GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article The JavaScript Trap. SpyBlock 2.6.9.0 Blocks privacy trackers while i...
[SECURITY] Fedora 23 Update: icecat-38.3.0-10.fc23
GNUZilla Icecat is a fully-free fork of Mozilla Firefox. Four extensions are included to this version of IceCat: LibreJS 6.0.10.20150620 GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article The JavaScript Trap. SpyBlock 2.6.9.0 Blocks privacy trackers while i...
HTTPS Available as Opt-In for Blogspot
Google said on Wednesday it has made HTTPS available as an opt-in for its Blogspot publishing service. Google and other technology providers have been ramping up encryption rollouts in the two years since the publication of the Snowden documents began. To date, Google has encrypted Gmail, search,...
Imgur: "Sign me out everywhere" does not work for desktop sessions
An account option that allowed users to sign out everywhere was found to not be functioning properly. A user selecting this option was not signed out. A fix has been rolled out to update session security as a result of this report...
Tor Browser 4.0.4 Released
Tor — a privacy oriented encrypted anonymizing service, has announced the launch of its next version of Tor Browser Bundle, i.e. Tor version 4.0.4, mostly supposed to improve the built-in utilities, privacy and security of online users on the Internet. Tor Browser helps users to browse the Intern...
Tor Browser 3.6.4 and 4.0-alpha-1 are released
The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical...
Tor Browser 3.6.3 - Use Tor on Windows, Mac OS X, or Linux without needing to install any software
The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical...
HTTPS Everywhere 3.0 Released
The EFF has released an updated version of its popular HTTPS Everywhere browser plugin, which enables users to automatically connect over HTTPS to many sites. The newest version of the extension now supports more than 1,500 sites. The EFF developed HTTPS Everywhere in collaboration with The Tor...
Fedora Update for mozilla-https-everywhere FEDORA-2012-7051
Check for the Version of mozilla-https-everywhere OpenVAS Vulnerability Test Fedora Update for mozilla-https-everywhere FEDORA-2012-7051 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribut...
Fedora 16 : mozilla-https-everywhere-2.0.3-2.fc16 (2012-7136)
Fix a possible SSL downgrade vulnerability. Fix upstream bug 5676, which fixes an SSL downgrade attack. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much a...