Today, we will look at the growth of SSL / TLS certificates, we will return certificates to GlobalSign, let's look at the vulnerability in the Linux kernel and mention attacks on a large DNS provider.
The number of characters in the tweet cannot exceed 140. However, this is enough to provide an interesting report worth further analysis. Josh Aas tweeted last week: "Mozilla telemetry shows that over 50% of pages were uploaded over HTTPS yesterday. That's the first time this has happened. "Even though Firefox had a browser market share of just under 8% in September 20, the statcounter.com portal is still a representative sample in September 2016. However, this can be complemented with additional Google statistics. In 2016, up to 85% of the total number of requests for Google servers was encrypted. Google is up 7% from January 2016 to September 2016. For the same period, Mozilla is up 9%. When we imagine how much traffic is hidden in one percent, for example, in Google, it is a very significant shift in such a short period of time.
However, behind this number is a couple of certification authorities that have started to provide free SSL certificates for browsers. These are mainly Let's Encrypt, Cloudflare or Amazon. They are signed up under the high growth of encrypted communications. The implementation of SSL certificates from recognized certification authorities has also been a source issue in the past. With the gradual development of free certificates, the demand rose and the same Josh Aas (Head of Let's Encrypt) just a few days later tweeted that the number of valid certificates they issued exceeded 10,000,000.
In addition to the price, the use of certificates and their exchange has been greatly simplified by users. For Let's Encrypt itself, it is a great success, that they did not expect when started running the service.
A significant shift in the rapid implementation of SSL certificates has also contributed significantly to global and domestic hosting companies that could benefit from offering free SSL certificates as a competitive advantage.
Because of the significantly reduced security risk of encrypted communication between the client and the server, the free provision of SSL certificates has a significant impact on improving the security of most sites and services in this regard. Whether we talk about passing passwords to site administration, cookies, but also making it difficult to insert malware into the site or to enter the client-server communication.
But certificates are not as safe as they might seem at first sight. GlobalSign has inadvertently launched the revocation of brokerage certificates, causing a breach of confidence between GlobalSign and its customers. Many webmasters were negatively identified because their site was presented as untrustworthy or the browser refused access to that page. For companies whose core business lies on the web, it can be a huge loss. An attempt to correct certificate errors is also the fact that different apps and browsers have different updates, so it may take some time for the user to get the service without any trouble.
The new bank trojan is remarkably similar to the well-known Dyre banking trojan. The new malware called TrickBot has many similarities to Dyre, but it also contains plenty of differences. Given that people behind Dyr were supposed to be behind bars, the confirmation of the same people behind TrickBote would raise a number of questions. Currently, TrickBot targets mostly Australian banks.
"Dirty Cow" is the name of the vulnerability that has been in place for nine years in all Linux systems. This vulnerability allows a root-based device to gain access rights to a root-based device and completely control it. Vulnerability is relatively easy to exploit, which puts great pressure on its rapid patching. Several abuse of this vulnerability has been confirmed. In addition, it is also found in the Linux kernel, which is part of almost all distributions including Debian, Red Hat, and Ubuntu. The kernel has been patched and most distributions have already released patches.
One day services like Twitter, GitHub, Reddit, Paypal, and others were unavailable for several hours. The reason was that their DNS provider was under a strong DDoS attack that was targeting their data centers. The attack involved IoT devices that are infected with Mirai malware. This malware is targeted at devices such as routers or security cameras, which, after being compromised, become part of a large botnet. Mirai malware source code was released this year.
LinkedIn, MySpace, Tumbler or Dropbox joined Weebly. Thousands of user data from all of these networks. Weebly is a platform for hosting and creating websites and has lost 43,430,316 customers in the past week. Stolen data includes usernames, email addresses, passwords and IP addresses. The passwords were overwritten by the Bcrypt hash algorithm, which would make it harder to get real passwords. Hashes were probably also using Salt, a random string added to the hash process to boost the password and make it crack even more challenging. Although it is not known whether the crack was password, Weebly called on the user to change them.
RUB 1,067 / Mo
RUB 9,830 / Mo