Mozilla introduced Tracking Protection for User’s Privacy
Mozilla has announced new experimental features through its Test Pilot Program out of which one feature named Tracking Protection will affect user’s privacy. Currently, this feature is available only in private browsing mode and works by blocking known sources of tracking scripts. Firefox has also enabled feedback button to let Firefox users know where the Tracking Protection fails to protect users. There are other six features also available in Tracking Protection program.
Google Chrome released CSP Evaluator and CSP Mitigator Extensions
Google has released two extensions named CSP Evaluator and CSP Mitigator that will identify weakness arise due to XSS attacks. CSP is a set that will allow developers to limit script running in a page so attackers will not be able to load malicious scripts. There are 95% websites out of one billion websites do not follow CSR policies that allow attackers to sidestep CSP protection. Google also released nonce (a temporary token) based CSP policies means that helps to deploy CSP policies. CSP Mitigator will identify scripts that do not follow nonce policies.
Mozilla will ban Chinese CAs from Issuing SHA-1 Certificates
Mozilla is going to ban Chinese CA called WoSign and Israeli CA named StarCom for violating SSL certificate issuance. Both CAs have issued SHA-1 related certificates that are not acceptable according to new norms set by CA/Browse forum. Mozilla has not banned already issued certificates but put ban on both companies for temporary time. The authority has given one-year time to pass few tests otherwise Mozilla will ban all certificates.
OVH Hosting has suffered DDoS Attack
OVH hosting company faced a severe DDoS attack with peaks of one Tbps of traffic. The founder has revealed on Twitter that last week the company had large DDoS attack. One attack was peaked at 799 Gbps of traffic out of multiple attacks that is believed to be the largest DDoS attack until now. This DDoS attack was carried out over 152000 IoT devices, which included compromised, CCTV cameras and personal video recorder.
Facebook Enable OSquery tool for Windows OS
Facebook has released OSquery (a tool that scans for malware and malicious activity on network) for Windows OS. Earlier the tool was used for Mac OS X and Linux environment. OSquery scans every computer on the infrastructure. Even, SQL based queries allow security teams and developers to check monitor lower level functions in current time. Facebook has also published official documentation , the development environment, and a single script of OSquery.
Germany banned WhatsApp and Facebook
Germany has banned WhatsApp and Facebook from collecting 35 Million user data. Facebook had promised to avoid data sharing between Facebook and WhatsApp but after that, the scenario has changed. Facebook got approval neither from the company nor from any users. The content shared on WhatsApp is encrypted and is safe from interception. The Hamburg Commissioner for Data Protection and Freedom of Information Johannes Caspar has told Facebook to delete data that is already forwarded to WhatsApp.
The USA handled over the internet control to the ICANN
Since the beginning of the internet, the USA commerce department is regulating the internet. After 47 years, the contract had come to end and from now the ICANN-a non-profitable authority (whose motto is to assign domain names and fundamental IP address) will regulate the internet. Until now, the ICANN authority was performing its task under the supervision of US agency of department of Commerce (National Telecommunications and Information Administration (NTIA).