Security News

Mozilla is running a study to test users' responses to changing the default Firefox search engine to Microsoft Bing. Like all browsers, Mozilla Firefox automatically configures a browser to a default search engine for performing searches via the address bar.

Studying for the CCSP exam? The CCSP practice quiz is a great study tool that allows you to quickly identify any knowledge gaps you might have in each domain. Your quiz results will allow you to refine your study strategy, so you can show up on test day ready to take the CCSP exam with confidence.

Continuing to use online tests after the pandemic will help organizations deliver certifications quickly and at scale, says Questionmark. Global demand for modern technology skills is rapidly outstripping supply.

Mozilla has launched an experiment where they change the Firefox browser user agent to a three-digit "Firefox/100.0" version to see if it will break websites. The current user agent for Mozilla Firefox version 90 is listed below.

South Korea has this week announced two new weapons: grenade-launching drones for its military, and anti-ransomware software for businesses. The nation's Defense Acquisition Program Administration has revealed that in 2022 South Korea will test grenade-launching drones that can be remotely controlled over a range of two kilometres, carrying gunpowder-filled 40mm shells.

Google Play Protect, the Android built-in malware defense system, has failed the real-world tests of antivirus testing lab AV-TEST after detecting just over two thirds out of more than 20,000 malicious apps it was pitted against. While always running and scanning every app installed and launched on the device, "The endurance test revealed that this service does not provide particularly good security: every other security app offers better protection than Google Play Protect."

Rather, it's about why victims still pay for a key needed to decrypt their systems even when they have the means to restore everything from backups on their own. Experts say the biggest reason ransomware targets and/or their insurance providers still pay when they already have reliable backups is that nobody at the victim organization bothered to test in advance how long this data restoration process might take.

Coursera states, in its Vulnerability Disclosure Program, that access control issues are a security concern. API leaks are not uncommon and have been main contributors to major security issues.

TrustInSoft announced an Application Security Test specifically designed to mathematically guarantee bug-free code in embedded Internet of Things devices. This AST for IoT is based on TrustInSoft's Analyzer to provide the equivalent of static and dynamic code analysis of C/C++ source code using Formal Methods testing to guarantee the absence of undefined source code behaviors.

The mitigations applied to exorcise Spectre, the family of data-leaking processor vulnerabilities, from computers hinders performance enough that disabling protection for the sake of speed may be preferable for some. "Before Spectre mitigations, those system calls hardly slowed down userspace execution at all."