A domain name system server implementation is at risk of remote code execution, information exposure and denial-of-service attacks after a seven vulnerability were disclosed by Google and patched by the maintainers of Dnsmasq.
ICANN, the overseer of the Internet’s namespace, announced this week that it was postponing a scheduled change to the cryptographic key that protects the Domain Name System.
Google, through Google Domains, operates many TLDs, and this week said it would begin enforcing HSTS on those TLDs. HSTS forces secure client connections over HTTPS.
Digital civil liberty activists with Fight for the Future and Free Press were hit with a phishing emails designed to steal business credentials earlier this summer.
Google’s Project Zero released a proof-of-concept attack against a Wi-Fi firmware vulnerability in Broadcom chips that backdoors the iPhone 7. The flaw was patched in iOS 11.
The Equifax data breach saga so far, a Google HTTPS warnings paper, cryptocurrency mining at the Pirate Bay, and bringing machine learning to passwords are all discussed.