Security Alerts & News
by Tymoteusz A. Góral

History
#2017 Firefox users fingerprinted via cached intermediate HTTPS certificates
The way in which Firefox caches intermediate CA certificates allows a third-party to deduce various details about website visitors and also link advertising profiles to private browsing sessions.

Before we go on, it is important that non-technical users understand what is an intermediate CA certificate.

At the top of the entire HTTPS infrastructure we have root CAs (Certificate Authorities), which are companies such as Comodo, Symantec, DigiSign, and others.

For security reasons, root CAs generate intermediate certificates, instead of using the main root certificate. This way, when an intermediate CA certificate gets compromised, the root CA continues to operate and doesn't have to revoke and replace certificates for all its clients, but only a few.
Read more
#2018 OpenSSL update fixes high-severity DoS vulnerability
#2017 Firefox users fingerprinted via cached intermediate HTTPS certificates
#2016 The attack of the alerts and the zombie script
#2015 Hacks all the time. Engineers recently found Yahoo systems remained compromised
#2014 CryptoMix: Avast adds a new free decryption tool to its collection
#2013 Microsoft Security Bulletin MS17-005 - Critical
#2012 Java and Python FTP attacks can punch holes through firewalls
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12