Open Source Security

Internal Docs Show Why the U.S. Military Publishes North Korean and Russian Malware

A previously secret document obtained by Motherboard shows how, and why, CYBERCOM is publicly releasing malware from adversaries.

Newly released and previously secret documents explain in greater detail how, and why, a section of the U.S. military decides to publicly release a steady stream of adversarial countries’ malware, including hacking tools from North Korea and Russia. Cyber Command, or CYBERCOM, publishes the malware samples onto VirusTotal, a semi-public repository that researchers and defenders can then pore over to make systems more secure.

Full Article here:

Open Source Privacy Security

Firefox to enable DNS-over-HTTPS by default to US users

icon design for cyber security

Mozilla  will bring its new DNS-over-HTTPS security feature to all Firefox users in the U.S. by default in the coming weeks, the browser maker has confirmed.

It follows a year-long effort to test the new security feature, which aims to make browsing the web more secure and private.

Whenever you visit a website — even if it’s HTTPS enabled — the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS, or DoH, encrypts the request so that it can’t be intercepted or hijacked in order to send a user to a malicious site.

Full Article at

Compliance Open Source Privacy

CERN: We’re ditching Facebook Workplace. Here’s why

European scientific research giant CERN, the European Organization for Nuclear Research, has killed its use of Facebook’s Workplace collaboration platform because it is dissatisfied with the company’s approach to fees and data control.

CERN announced the move this week, which ends a nearly four-year trial with Facebook Workplace and means CERN will remove its presence from the platform on January 31, 2020. 

Full article at