SSL Certificate Validity Will Be Limited to One Year by Apple’s Safari Browser

SSL Certificate Validity Will Be Limited to One Year by Apple’s Safari Browser

Starting Sept. 1, Safari will no longer trust SSL/TLS certificates with validity periods longer than 398 days Starting Sept. 1, Apple’s Safari browser will no longer trust SSL/TLS leaf certificates... The post ...
Choice Hotels: If a + b + c = d, then oops, we might have leaked some Safari users’ personal info

Choice Hotels: If a + b + c = d, then oops, we might have leaked some Safari users’ personal info

Choice Hotels has advised its customers to watch out for fraud after an extremely specific security lapse may have compromised their personal data. In a notice to customers, the hospitality franchise says ...
eGobbler infects more than 1 billion ads in worldwide campaign

eGobbler infects more than 1 billion ads in worldwide campaign

The eGobbler malvertising threat actor has made a return, this time exploiting a WebKit vulnerability used primarily by iPhone’s Safari browser. Security researchers from Confiant estimate up to 1.16 billion impressions have ...

Webkit vulnerability affecting Safari et al

| | Apple, ios, Linux, macos, Safari
Bleeping Computer: WebKit Vulnerability Affects Latest Versions of Apple Safari “A researcher published exploit code for a vulnerability in WebKit, the web browser engine that powers Apple’s Safari, along with other apps ...
Addressing Risk with Subresource Integrity (SRI)

What’s in Your Website? Lurking Risk from Third-party Resources

Address Risk from Third-party Resources with Subresource Integrity (SRI) In most real-life web apps there’s a need to include third-party resources. Whether it is for advertisements, A/B testing, analytics or other purposes, ...
Google: Security Keys Neutralized Employee Phishing

Google: Security Keys Neutralized Employee Phishing

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of ...

Apple’s privacy ambivalence

Safari guns for web tracking, but what about its own browser history and Facebook's data-sharing with device makers? ...
Orbitz Suffers Data Breach Impacting 880K Customers

Orbitz Suffers Data Breach Impacting 880K Customers

Expedia-owned travel fare aggregator Orbitz.com discovered that one of its platforms was compromised last year and hackers might have accessed the payment cards details and personal information of about 880,000 customers. The ...
Security Boulevard

Fakebank Android variant warning while Safari swipes supercookies

(1) Commenting on Symantec’s warning of a new Fakebank Android variant, Graham Cluley reports: This Android malware redirects calls you make to your bank to go to scammers instead – “MALWARE HELPS ...