Tor Browser 13.5 brings Android enhancements, better bridge management

June 21, 2024 at 10:30AM Tor Browser 13.5 has been released, focusing on usability enhancements for Android and desktop versions. The updates include improved bridge management, redesigned letterboxing, and simplified onion site error messages for desktop. For Android, the release introduces a new connection experience and relocates Tor logs, aiming to bridge the feature gap … Read more

DNSFilter Welcomes Cisco Veteran TK Keanini As CTO

June 11, 2024 at 05:39PM DNSFilter announced the appointment of TK Keanini as Chief Technology Officer (CTO). Keanini, with over 30 years of network security experience, will lead product management, customer experience, engineering, and security intelligence. His focus is on customer needs and feedback to drive ongoing innovation and growth. DNSFilter aims to enhance security … Read more

FCC Proposes BGP Security Reporting for Broadband Providers

June 7, 2024 at 08:12AM The FCC announced new reporting requirements to improve internet routing security, focusing on mitigating flaws in the Border Gateway Protocol (BGP). They propose the largest broadband providers submit quarterly reports on progress. The agency highlights the potential threats of BGP manipulation and proposes implementing security measures using RPKI. Public comments … Read more

Multi-day DDoS storm batters Internet Archive

May 29, 2024 at 04:24PM The Internet Archive is facing a sustained DDoS attack, causing spotty online library access. While its collections are safe, the attacker’s identity remains unknown. Founder Brewster Kahle also highlights legal battles with major publishers and record labels, posing a significant threat to the nonprofit’s future. The Archive is fighting back … Read more

Vast Network of Fake Web Shops Defrauds 850,000 & Counting

May 9, 2024 at 12:49PM A criminal network known as BogusBazaar, based in China, has scammed more than 850,000 victims through over 75,000 fraudulent web shops. They steal payment card details and offer fake merchandise. They operate with an infrastructure-as-a-service model and use expired domains with high Google ratings to attract victims, mostly from the … Read more

Browsing in Incognito Mode Doesn’t Protect You as Much as You Might Think

April 6, 2024 at 08:36AM A recent legal settlement highlighted concerns over Google Chrome’s Incognito mode, aiming to improve user privacy. Using private browsing mode gives a fresh start, erasing browsing history and cookies. However, it doesn’t hide IP address, prevent ISP logging, or fully protect against tracking. VPNs and privacy-focused search engines offer additional … Read more

Funding the Organizations Securing the Internet

April 2, 2024 at 12:36AM Common Good Cyber is a global consortium that brings together nonprofit, private sector, and government organizations to support initiatives dedicated to securing the Internet infrastructure. Based on the meeting notes, it appears that Common Good Cyber is a global consortium that connects nonprofit, private sector, and government organizations. The consortium’s … Read more

KeyTrap attack: Internet access disrupted with one DNS packet

February 19, 2024 at 08:38AM A serious vulnerability named KeyTrap in the DNSSEC feature could be exploited to deny internet access to applications for an extended period. Tracked as CVE-2023-50387, KeyTrap is a design issue in DNSSEC impacting DNS implementations. Researchers from ATHENE and partners discovered and addressed the issue, working with DNS service providers. … Read more

ExpressVPN bug has been leaking some DNS requests for years

February 11, 2024 at 12:39PM ExpressVPN removed split tunneling from versions 12.23.1 to 12.72.0 after a bug exposed user browsing domains to configured DNS servers. This impacted 1% of Windows users. Upgrading to version 12.73.0 removes split tunneling, to be reintroduced after bug fix. If unable to upgrade, disabling split tunneling or using version 10 … Read more

No, 3 million electric toothbrushes were not used in a DDoS attack

February 7, 2024 at 01:23PM A reported story about 3 million electric toothbrushes being hacked to conduct DDoS attacks is likely a hypothetical scenario rather than an actual attack. The absence of evidence and lack of response from Fortinet, the alleged source, suggest the story is disputable. However, it serves as a reminder to secure … Read more