ÃÛÌÒTV

Here is our latest news roundup of articles about network and TLS security.ÌýClick hereÌýto see the whole series.

TLS/SSL news

• The the last EU country to run its own certificate authority, announced that they will stop issuing TLS certificates starting in December 2021.
• for the public NPM registry starting Oct. 4, 2021.

Data security

• A new phishing campaign that uses emails spoofing as PayPal isÌý
• about a new phishing scam impersonating state agencies via SMS.
• will provide AWS customers free FIDO Security Keys so that they can better protect account security.
• or insecure file downloads. Chrome rolled out a similar feature in 2020.
• in private browsing in their next update.

Data breaches

• that exposed names, date of birth, and social security numbers for over 40 million customers, including former and prospective customers.
• recently warned customers in Montana that other customers could have seen their personal data due to a glitch on their mobile app and website.

Vulnerabilities

• A vulnerability that could allow hackers to look through a camera feed and remotely control devices was found that can
• found a vulnerability in cloud software Azure which left the data of many customers, including Fortune 500 companies, exposed for the past two years.

Government regulation

• A new would require federal agencies, federal contractors and organizations critical to national security to report security breaches to the Cybersecurity Infrastructure Security Agency (CISA) within 24 hours of discovery.
• A new bill in the U.S. Senate would require digital signatures for important court orders.
• A new allows police to collect device data and social media account information without a warrant.

Malware

• The largest oil pipeline in the United States, this month after a major hack.