Node.js 19 is now generally available
The Node.js team recently released Node.js 19. The update aims to modernize the V8 JavaScript engine to version 10.7 while making HTTP(s)/1.1 KeepAlive default.
The V8 JavaScript engine brings the latest version of Intl.NumberFormat to JavaScript API and allows developers to establish reusable f... Read more
Cloudflare fends off largest HTTPS DDoS attack of all time
Cloudflare recently repelled the largest HTTPS DDoS attack of all time. The attack executed as many as 26 million HTTPS requests per second using hijacked servers and virtual machines.
The attack targeted one of Cloudflare's customers. The hackers used a botnet consisting of 5,067 IoT devices, s... Read more
‘One-third of websites still don’t use https encryption’
According to a monthly survey by security researcher Scott Helme, one-third of the largest global websites do not use https encryption.
In his research for November 2021, researcher Scott Helme focuses on techniques that ensure the security of websites. He used a crawler to examine the 1 million... Read more
Mozilla will disable FTP in Firefox 88 and remove it in Firefox 90
FTP links will no longer be handled by Mozilla Firefox. The browser is planning to rip out its FTP implementation and pass on the job to other applications. A year ago, the browser announced that it was going to disable support for FTP.
It also said that the move would be delayed because of the ... Read more
Chrome upgrades HTTP to HTTPS, if available
Google’s engineers are revered in the browser industry. They have been some of the most ardent proponents of browser security features. Over the past few years, they have been working with teams behind browsers like Tor and Firefox, to bring about many of the changes we see in browsers today.
... Read more
Let’s Encrypt temporarily solves problems on older Android phones
Let's Encrypt has found a solution to the problem that older Android smartphones will soon no longer trust some websites due to an expired certificate. No action from end users is required.
To solve the problematic TLS certificates, Let's Encrypt and IdenTrust agreed that the latter company woul... Read more
Firefox 83 comes with an ‘HTTPS-Only-Mode’ loading only HTTPS sites
Firefox 83 is scheduled to be released on Wednesday and will come with a new security feature designed to load all websites using HTTPS. The feature is called "HTTPS-Only-Mode." If the loading does not go through, an error message on the sites that only support the older and less secure HTTP protoc... Read more
Many websites will soon stop working on older Android phones
Android phones with Android 7.1.1 or older will soon be unable to reach many websites. This applies to websites with a TLS certificate from Let's Encrypt. A workaround is available.
For years, Let's Encrypt has been distributing free TLS certificates to websites that want to secure their connect... Read more
Majority of malware is invisible without https inspection
Two-thirds (67 percent) of the malware delivered in the first quarter of 2020 used encrypted https connections, according to a study by WatchGuard Technologies. Without https inspection, these threats can not be detected.
Of the encrypted malware, 72 percent involve zero-day malware that hasn't ... Read more
Mozilla adds second DNS over HTTPS service to Firefox
NextDNS becomes the second DNS-over-HTTPS (DoH) provider in Firefox, after Cloudflare. With DoH, Internet users can hide their DNS requests and bypass Internet blockages.
To become part of Firefox, NextDNS had to prove that it stores as little data as possible, is transparent about that data, an... Read more