Google today flipped the switch on default HTTPS support for its free domain service provider Blogspot, upping the security ante for the millions of users of the popular platform. Google had previously introduced HTTPS support for Blogspot domains as an option in September 2015. Starting Tuesday, Google said, the browser-to-website encryption technology would be automatically added...

WhatsApp’s presence in Brazil has been rocky at best from a legal standpoint, but it got even more tenuous this week when for the second time in the last six months a judge ordered the country’s telecommunications companies to block the messaging app. The judge demanded that WhatsApp be blocked for 72 hours after WhatsApp’s...

Following an appeal from WhatsApp’s lawyers, on Tuesday afternoon a Brazilian judge overturned a suspension previously handed down this week that would’ve blocked usage of the messaging app for 72 hours. According to Reuters, on Tuesday afternoon a “different judge from the state tribunal intervened” and canceled Monday’s ruling. WhatsApp’s presence in Brazil has been...

The Linux Foundation says a new Core Infrastructure Initiative (CII) Best Practices Badge program launched Tuesday will help companies interested in adopting open source technologies evaluate projects based on security, quality and stability. The CII Best Practices Badge does not issue certificates nor validate open source projects. Instead, CII is a platform for open source projects...

The latest batch of OpenSSL security patches were released today, with a pair of high-severity flaws and four low-severity issues addressed in OpenSSL 1.0.1t and OpenSSL 1.0.2h. One of the high-severity flaws, CVE-2016-2107, opens the door to a padding oracle attack that can allow for the decryption of traffic if the connection uses an AES CBC...

It took close to two months, but free wireless and mobile provider FreedomPop has acknowledged reports of a serious vulnerability in its service. U.K.-based researcher Paul Moore told Threatpost that FreedomPop, which has been operating in the U.K. since last September, finally responded to a bug report that Moore had sent twice since March 24,...

The home stretch of Microsoft’s planned SHA-1 deprecation schedule has arrived. This summer, with the planned release of the Windows 10 Anniversary Update, users should see signs that the weak cryptographic hash function is being phased out. Microsoft said that once the anniversary update is rolled out, Microsoft Edge and Internet Explorer will no longer...

Microsoft is accelerating the fumigation of bugs on its soon-to-be released Windows Server 2016 operating system. Last week, Microsoft announced a new bug bounty program running from April 29, through July 29, 2016 – with up to $15,000 in rewards for each qualifying bug. Microsoft’s expansion of its 3-year-old program now includes its Nano Server,...

The FBI has issued a warning to businesses about the relentless wave of ransomware. The bulletin includes preventative tips, and an affirmation of the bureau’s stance that companies affected by cryptoransomware attacks in particular should not succumb to temptation and pay their attackers off. The warning comes at the same time as a Michigan utility continues...

The Supreme Court is moving to expand the FBI’s hacking authority with Criminal Rule 41, an amendment to federal criminal procedures that makes it easier for the FBI to access computers remotely when their locations are unknown. Privacy watchdogs are blasting the proposed change saying it would allow the government to hack into phones and...