Here is our latest news roundup of articles about network and TLS security.ÌýClick hereÌýto see the whole series.
TLS/SSL news
- The the last EU country to run its own certificate authority, announced that they will stop issuing TLS certificates starting in December 2021.
- for the public NPM registry starting Oct. 4, 2021.
Data security
- A new phishing campaign that uses emails spoofing as PayPal isÌý
- about a new phishing scam impersonating state agencies via SMS.
- will provide AWS customers free FIDO Security Keys so that they can better protect account security.
- or insecure file downloads. Chrome rolled out a similar feature in 2020.
- in private browsing in their next update.
Data breaches
- that exposed names, date of birth, and social security numbers for over 40 million customers, including former and prospective customers.
- recently warned customers in Montana that other customers could have seen their personal data due to a glitch on their mobile app and website.
Vulnerabilities
- A vulnerability that could allow hackers to look through a camera feed and remotely control devices was found that can
- found a vulnerability in cloud software Azure which left the data of many customers, including Fortune 500 companies, exposed for the past two years.
Government regulation
- A new would require federal agencies, federal contractors and organizations critical to national security to report security breaches to the Cybersecurity Infrastructure Security Agency (CISA) within 24 hours of discovery.
- A new bill in the U.S. Senate would require digital signatures for important court orders.
- A new allows police to collect device data and social media account information without a warrant.
Malware
- The largest oil pipeline in the United States, this month after a major hack.