Posted on Tuesday February 09, 2021
According to a researcher, favicons can be a security vulnerability that could let websites track your movement and bypass VPNs, incognito browsing status, and other traditional methods of cloaking your movement online. From a report: The tracking method is called a Supercookie, and it's the work of German software designer Jonas Strehle. "Supercookie uses favicons to assign a unique identifier to website visitors. Unlike traditional tracking methods, this ID can be stored almost persistently and cannot be easily cleared by the user," Strehle said on his Github. "The tracking method works even in the browser's incognito mode and is not cleared by flushing the cache, closing the browser or restarting the system, using a VPN or installing AdBlockers." Strehle's Github explained that he became interested in the idea of using favicons to track users after reading a research paper [PDF] on the topic from the University of Illinois at Chicago. "The complexity and feature-rich nature of modern browsers often lead to the deployment of seemingly innocuous functionality that can be readily abused by adversaries," the paper explained. "In this paper we introduce a novel tracking mechanism that misuses a simple yet ubiquitous browser feature: favicons." To be clear, this is a proof-of-concept and not something that Strehle has found out in the wild.
Posted on Tuesday February 09, 2021
Based on user feedback we have simplified programmatic access to the security update data by removing the authentication and API-Key requirements when using the CVRF API. You will no longer have to log in to obtain a personal API key to access the data. We're happy to make this valuable public information more freely available...
Posted on Tuesday February 09, 2021
Today Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important Denial of Service (DoS) vulnerability (CVE-2021-24086). The two RCE vulnerabilities are complex which make it difficult to create functional exploits, so they are not likely in the short term. We believe attackers will be able to create DoS exploits much more quickly and expect all three issues might be exploited with a DoS attack shortly after release. Thus, we recommend customers move...
Posted on Monday February 08, 2021
Windows 10 users are well aware that installing updates can take a long time. We hear users complaining about it all the time. Why are Windows 10 updates so slow, and what can users do to speed things up? Here's our take.
Posted on Friday February 05, 2021
Telemedicine means exactly as it sounds - a medical service delivered via telephone or any communications platform. Nearly one year into the COVID-19 pandemic, telemedicine has proven itself to be viable and valuable for patients and caregivers alike. This is because it allows care to be provided while avoiding the physical proximity that heightens the risk of spreading or getting infected with the disease.
Posted on Wednesday February 03, 2021
Don't give your customers any reason to feel insecure when dealing with your business. When they visit and use your website, you must engender feelings of trust and security instead of alarm and distrust. Don't worry - you can easily do this with these three tips.
Phone: +1-989-776-2080
Toll Free: +1-855-674-2968
Email: info (at) netservicesgroup dot com
DUNS 155892800
SPIN 143027933
100% Michigan
NSG is owned & operated, offering enterprise-level IT service & support, right in your own back yard.