Analyzing the TrueConf Zero-Day Exploit in Southeast Asian Cyber Attacks
Cybercriminals are increasingly exploiting trusted enterprise collaboration platforms through supply-chain style attacks, with a newly discovered zero-day vulnerability in the…
Security
Hong Kong Police Can Force You to Reveal Your Encryption Keys
According to a new law, the Hong Kong police can demand that you reveal the encryption keys protecting your computer,…
Weekly Update 498
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…
New Mexico’s Meta Ruling and Encryption
Mike Masnick points out that the recent New Mexico court ruling against Meta has some bad implications for end-to-end encryption,…
Google Wants to Transition to Post-Quantum Cryptography by 2029
Google says that it will fully transition to post-quantum cryptography by 2029. I think this is a good move, not…
Friday Squid Blogging: Jurassic Fish Chokes on Squid
Here’s a fossil of a 150-million year old fish that choked to death on a belemnite rostrum: the hard, internal…
Critical Infrastructure Alert: Patch Cisco IMC and SSM On-Prem Now!
A pair of critical vulnerabilities in Cisco server and license-management technologies, CVE-2026-20093 and CVE-2026-20160. These flaws allow attackers to bypass…
Company that Secretly Records and Publishes Zoom Meetings
WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes (alternate link) the recordings.…
US Bans All Foreign-Made Consumer Routers
This is for new routers; you don’t have to throw away your existing ones: The Executive Branch determination noted that…
Why Your Wildcard SSL Certificate isn’t Working on Some Subdomains (And How to Fix It)
You install a wildcard SSL certificate, everything looks right and then one subdomain throws a domain mismatch error. The browser…