September is National Preparedness Month

Original release date: September 05, 2018

National Preparedness Month is a good opportunity to assess your emergency preparedness. While general preparedness is essential to getting through an emergency related to a natural disaster, the same is…

Original release date: September 05, 2018

National Preparedness Month is a good opportunity to assess your emergency preparedness. While general preparedness is essential to getting through an emergency related to a natural disaster, the same is true of preparing for a cyber-related event, such as identity theft or a ransomware infection.

NCCIC encourages users and administrators to be prepared in case of a cyber-related event by regularly backing up files, keeping digital copies of important documents somewhere other than your computer (e.g., in the cloud), and regularly running antivirus scans.

Learn more about individual and family emergency preparedness at Ready.gov. For additional resources on preparing for and responding to unexpected cyber-related events, see Ready.gov/Cybersecurity and the following NCICC Tips:


This product is provided subject to this Notification and this Privacy & Use policy.


Google wants to get rid of URLs but doesn’t know what to use instead

Their complexity makes them a security hazard; their ubiquity makes replacement nigh impossible.

Article intro image

Enlarge / This is how a Chrome 57 displays https://www.xn--80ak6aa92e.com/. Note the https://www.apple.com in the address bar.

Uniform Resource Locators (URLs), the online addresses that make up such an important part of the Web and browsers we use, are problematic things. Their complex structure is routinely exploited by bad actors who create phishing sites that superficially appear to be legitimate but are in fact malicious. Sometimes the tricks are as simple as creating a long domain name that's too wide to be shown in a mobile browser; other times, such as in the above picture, more nefarious techniques are used.

It's for this reason that a number of Chrome developers want to come up with something new. But what that new thing should be is harder to say.

Browsers are already taking a number of steps to try to tame URLs and make them less prone to malicious use. Chrome's use of "Not Secure" labels instead of showing the protocol name (http or https) replaces a piece of jargon with something that anyone can understand. Most browsers these days use color to highlight the actual domain name (printed in black type) from the rest of the URL (printed in grey type); Apple's Safari goes a step further, with its address bar suppressing the entire URL except for the domain name, revealing the full text only when the address box is clicked. Microsoft's Edge (and before it, Internet Explorer) dropped support for URLs with embedded usernames and passwords, because their legitimate uses were overwhelmed by malicious ones.

Read 3 remaining paragraphs | Comments

Google Releases Security Update for Chrome

Original release date: September 04, 2018

Google has released Chrome version 69.0.3497.81 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.NCCIC encourages u…

Original release date: September 04, 2018

Google has released Chrome version 69.0.3497.81 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.