Daily Video: Mozilla Dials Back on Firefox Opportunistic Encryption

By eWEEK Staff  |  Posted 2015-04-08 Print this article Print

Mozilla dials back on Firefox Opportunistic Encryption; Cisco rolls out threat intelligence, incident response services; IBM, NASA challenge developers to build apps on IBM Cloud; and there's more.

More than 1 Million Android Devices Infected by 'Gooligan' Trojan

DAILY VIDEO: 'Gooligans' malware infects more than 1.3 million Android devices; Firefox patched for...

Azure Cloud Flaw Posed Hacking Risk to RHEL Virtual Machines

DAILY VIDEO: Microsoft Azure flaw posed RHEL hacking risk; Google explores use of machine learning to...

Microsoft Readying New Smartphone Models for Late 2017, Reports Say

DAILY VIDEO: Microsoft readying new mobile device push in 2017, reports say; Cisco extends security...

San Francisco Transit Agency Gets Back Online After Ransomware Attack

DAILY VIDEO: Cyber-attack knocks out San Francisco transit system fare terminals; Cisco extends...

Recount in Wisconsin Unlikely to Reveal Vote System Fraud, Hacking

DAILY VIDEO: Election recount unlikely to reveal evidence of vote system hacking; Mimecast brings...

Microsoft Sets Sights on Building Practical Quantum Computer

DAILY VIDEO: Microsoft Starts Quantum Computer Development Program; Cerber Ransomware Expands...

Symantec Buys Out Identity Protection Firm LifeLock for $2.3 Billion

DAILY VIDEO: Symantec acquires identity protection vendor LifeLock for $2.3 Billion; Oracle acquires...

Nvidia, OpenAI to Collaborate With Microsoft's AI Efforts

DAILY VIDEO: Microsoft's AI efforts get a boost from Nvidia, Elon Musk's OpenAI; Mozilla introduces...

IBM Launches Security Services Headquarters in Massachusetts

DAILY VIDEO: IBM opens global headquarters for security services; IoT devices evolving rapidly as...

Dell Data Protection Secure Lifecycle Encrypts Data in Motion

Daily Video: Dell data protection defends against external, insider threats; Microsoft Outlook...

Read more about the stories in today's news:


Today's topics include Mozilla's decision to disable "opportunistic encryption," new threat intelligence services from Cisco, a fresh collaboration between IBM and NASA and findings about the vulnerability of the Global 2000.

Mozilla has had a change of heart regarding opportunistic encryption—for now. The company rolled out its open-source Firefox 37 Web browser on March 31, including an important new feature called opportunistic encryption.

However, due to a security issue related to opportunistic encryption, Mozilla disabled the feature in the Firefox 37.0.1 update released April 3. The security issue is located in Mozilla's HTTP Alternative Services implementation, which is connected to the opportunistic encryption capability.

Mozilla plans to re-enable the encryption feature once it resolves the security issue.

Cisco recently announced new threat intelligence and incident response services. These come to Cisco thanks in part to the integration of technologies from ThreatGrid, a company Cisco acquired in May 2014.

Helping to push forward the new threat intelligence capabilities is co-founder and former CTO of ThreatGrid Dean De Beer, who is now principal engineer of Advanced Threat Solutions at Cisco.

Cisco's Advanced Malware Protection platform is now being expanded with the help of ThreatGrid's platform. IBM and NASA are collaborating on a global code-a-thon where developers will be tasked with building applications that bolster space exploration missions and help to improve life on Earth.

IBM announced that it will provide its Bluemix platform for the NASA Space App Challenge Virtual Event to help developers rapidly build apps that contribute to space exploration and solve global challenges.

Nearly three-quarters of the Global 2000 continue to be vulnerable to cyber-attacks because they have not fully hardened their systems against the effects of the OpenSSL Heartbleed vulnerability reported a year ago, according to a report from encryption key management firm Venafi.

Using scans of Global 2000 companies' public-facing systems, the firm found that 74 percent of the businesses are still vulnerable to the fraudulent use of encryption and certificate keys stolen in the days following the disclosure of the Heartbleed vulnerability. Eight months ago, 76 percent of companies were vulnerable, Venafi reported.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel