Update your Firefox to version 66.0.4 and your TOR browser to version 8.0.9 to fix the problem with intermediate certificate verification.
Original release date: April 26, 2019
The Federal Trade Commission (FTC) has released an article with tips for parents to keep their children safe online. The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review the FTC article and the following additional resources for more information:
- Keeping Children Safe Online
- Rethink Cyber Safety Rules and the “Tech Talk” with Your Teens
- Stop.Think.Connect. Toolkit
- Stay Safe Online
- Concerned Parent’s Internet Safety Toolbox
NIST said forced password changes were unnecessary 3 years ago. Microsoft has recognized that users don’t actually change their passwords when prompted, they just tweak them. And that doesn’t help anyone.
OK, maybe I believe them. But what about selective phone surveillance? The NSA has asked the White House to end its mass phone surveillance program because the work involved outweighs its intelligence value.
DNS over HTTPS (DoH), backed by Google, Mozilla and Cloudflare, is about to make web surveillance a lot more difficult.
Original release date: April 17, 2019
The CERT Coordination Center (CERT/CC) has released information on multiple vulnerabilities in Broadcom WiFi chipset drivers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the CERT/CC Vulnerability Note VU#166939 for more information and refer to vendors for appropriate updates, when available.
Researchers have discovered several holes in a new security protocol for wireless networks.
Original release date: April 12, 2019
The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting multiple Virtual Private Network (VPN) applications. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#192371 for more information and refer to vendors for appropriate updates, when available.