Mozilla is working on a fix for a new URL spoofing vulnerability, announced this week, that can result in a phishing exploit. The flaw, which affects all versions of the Firefox browser, can be taken advantage of if a user visits a website hosting malicious code that automatically prompts a window or tab containing a bogus URL to open, according to an advisory. A user, unable to tell if the URL is authentic because it has been manipulated to appear legitimate, may disclose personal information to the malicious site. Mozilla recommends users only share data with trusted websites. — DK
Vulnerable SSH servers could be compromised to secure private RSA host keys through a new passive attack method that involves the observation of computational faults during the signing process that exposes the private keys, The Hacker News reports.
BleepingComputer reports that widely used 3D computer graphics software suite Blender has been impacted by site outages due to distributed denial-of-service attacks that have been ongoing since the weekend.
Network security: New tools for an aging art
The Latest Cybercriminal TTPs: How Public-Sector Defenders Can Stay Ahead
Playing network traffic cop in multi-cloud environments: A guide to detecting & restricting lateral movement
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news