The Internet Engineering Steering Group (IESG) has approved the HTTP Strict Transport Security protocol (HSTS) as a proposed standard, which means that we can look forward to it being ratified in the near future.
Trusteer have discovered a new Man in the Browser (MitB) scam that does not target specific websites, but instead collects data submitted to all websites without the need for post-processing.
When the Firesheep extension was revealed to the world in late 2010, its developer said that his main goal was to get sites to switch to full end-to-end encryption, i.e.
Chrome v22 has been released, and with it over 40 vulnerabilities - 15 of which high-severity - have been closed.
Microsoft has released the Fix it solution for the IE zero-day memory-corruption vulnerability that is currently being exploited in attacks, and has promised a security update for IE to solve the problem.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.