Security News

It wasnt easy, but Netflix will soon use HTTPS to secure video streams (ArsTechnica)
2015-04-16 17:00

Follow the MS15-034 http.sys fun over at https://github.com/rapid7/metasploit-framework/pull/5150 (links to PoCs video + discussion) (Reddit)
2015-04-16 16:00

Node.js Express middleware to protect against HTTP Parameter Pollution attacks (Reddit)
2015-04-15 19:54

Remote Code Execution Via HTTP Request In IIS On Windows (Reddit)
2015-04-15 15:33

CVE-2015-1635 - RCE in Windows HTTP.sys (Reddit)
2015-04-15 03:33

It's 2015 and a RICH TEXT FILE or a HTTP request can own your Windows machine (The Register)
2015-04-15 00:40

Microsoft Patches Critical HTTP.sys Vulnerability (Threatpost)
2015-04-14 18:49

Microsoft and Adobe released security bulletins addressing critical vulnerabilities in their respective products.

Intent to deprecate: Insecure HTTP (Reddit)
2015-04-13 22:59

Firefox disables opportunistic encryption to fix HTTPS-crippling bug (ArsTechnica)
2015-04-07 15:54

The lack of HTTPS at Amazon: identifying items purchased using information leakage (Reddit)
2015-04-04 05:22