New Firefox Testing Feature Warns Of Insecure Website Password Submission

Consumers are exposed to a myriad of cyber threats which are intent upon harvesting as much information as possible, from bogus emails offering state cash refunds to spoofed pages which purport to be from a genuine vendors, but are in fact aiming to collect sensitive consumer details. Well known and popular browser Mozilla Firefox have recognised the importance of alerting consumers to the security of password submission by offering a simple yet important safeguard within the latest Firefox Nightly build.

The security measure in question is in the form of a faded crossed out padlock icon within the address bar of the browser, thankfully it’s more useful than simply a new icon. The aim of this new feature is to warn consumers if a password field is not submitted over HTTPS and thus regarded as insecure. If a consumer clicks on the icon it will provide further details as to why a particular site is considered insecure, below is an image to convey the change. This feature is currently “only in testing as part of Firefox 44 Nightly”.

This new yet simple feature is a good way of informing consumers as to the risks of submitting a password over an insecure method, cyber security is a hot topic and the more every individual knows the better. It will be interesting to note the rollout timescale of this feature once Firefox confirms it for its finished builds. On a side note, let’s hope consumers actually update their browsers in order to benefit from the latest security fixes, I bet many a reader knows someone who is running a version of Firefox that is at least 10 versions behind that of the currently available.

Image courtesy of technodyan

GCHQ Wants to Share Cyber Threat Analysis With Private Companies

The GCHQ intelligence agency plans to become more proactive in its fight against cyberattacks, opening up cyber threat intelligence information with private companies. It’s a unique turn of events following former NSA contractor Edward Snowden’s snooping disclosures, which also accused the GCHQ of organized surveillance activities.

To bolster support for the initiative, Cabinet Office minister Francis Maude mentioned how a “state-sponsored” criminal group accessed an account on an intranet government secure network.

Here is what GCHQ said in a statement:

“GCHQ will commit to sharing its classified cyber threat information at scale and pace to help communications service providers protect their customers; starting with suppliers to government networks and then moving on the other sectors of critical national infrastructure.”

The GCHQ hopes to help companies become the first line of security defense against sophisticated cyberattacks – a growing problem, as cybercriminals are becoming increasingly sophisticated when launching attacks. Compromised stolen data is worth big bucks on the underground market, with bulk records from data breaches available for sale.

The UK has seen an uptick of organized attacks from China and Russia, in an effort to steal intellectual property and gain a competitive advantage, which officials are keen to defend.

Thank you to the Engineering and Technology Magazine for providing us with this information

Image courtesy of Wired UK