LifeLock Bug Exposed Millions of Customer Email Addresses

Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers.

Source: LifeLock Bug Exposed Millions of Customer Email Addresses

Advertisements

DHS – Russian APT groups are inside US critical infrastructure

The US Government is warning of continuous intrusions in National critical infrastructure and it is blaming the Kremlin for the cyber attacks. According to the US Department of Homeland Security, Russia’s APT groups have already penetrated America’s critical infrastructure, especially power utilities, and are still targeting them.

Source: DHS – Russian APT groups are inside US critical infrastructure

Why No HTTPS? Here’s the World’s Largest Websites Not Redirecting Insecure Requests to HTTPS

As of today, Google begins shipping Chrome 68 which flags all sites served over the HTTP scheme as being “not secure”. This is because the connection is, well, not secure so it seems like a fairly reasonable thing to say! We’ve known this has been coming for a long time now both through observing the changes in the industry and Google specifically saying “this is coming”. Yet somehow, we’ve arrived at today with a sizable chunk of the web still serving traffic insecurely .

Source: Why No HTTPS? Here’s the World’s Largest Websites Not Redirecting Insecure Requests to HTTPS