1. Facebook Is Helping Website Owners Sniff Out Phishing Scams by David Cohen

It’s obviously been a trying couple of weeks for Facebook so it’s refreshing to actually see the company share some good news for a change. At its annual developers conference in San Jose this week the social network announced that its Certificate Transparency Monitoring tool would soon be able to inform site owners when their sites have been spoofed, either by a homograph attack, combo squatting, typosquatting, or other means. The attack methods aren’t new but they are still successful. A Chinese researchers warned how several browsers – Chrome, Firefox, and Opera – were vulnerable to the attack vector, last year. If you’re still confused try following this seemingly benign link for more: https://аррӏе.com/ Facebook developers said this week that going forward the site would determine whether new domains could be used for phishing and notify subscribers.

2. Shhlack Lets You Encrypt Slack Messages So Your Boss Can't See Private Conversations by AJ Dellinger

This news requires at the very least a tiny grain of salt but interesting news if you're a) a Slack user and b) a little paranoid when it comes to privacy. MindedSecurity, an information security consulting firm released an add-on of sorts for the ubiquitous collaboration tool that allegedly allows users to send end-to-end encrypted messages through the app. This is important because yes - if you didn't know - administrators are technically able to download and view chats on a work Slack. The tool, Shhlack, apparently leverages CryptoJS, a JavaScript library of encryption standards. It’s worth noting the tool isn’t a failsafe (as Gizmodo notes it’s not perfect) largely because there’s not a mobile version but also because it’s more or less an experiment. As Trail of Bits CEO Dan Guido opines, it's built with "broken, unauthenticated crypto," something that could make it vulnerable to crypto flaws further down the line. That said it could still be worth experimenting with, especially if it’s done around messages that aren’t super confidential.

3. Malware may have compromised some Florida Hospital patient information by Naseem Miller

Officials at several Florida hospitals are warning patients their information may have been impacted by a recent malware attack. Details are scant unfortunately but according to the Orlando Sentinel hospital sites like FloridaBariatric.com, FHOrthoInstitute.com and FHExecutiveHealth.com were all taken offline recently. Patients belonging to the first hospital, Florida Bariatric, may have had their names, email addresses, phone numbers, birth dates, height, weight, insurance carriers and the last four digits of Social Security numbers leaked. It's unclear whether the malware the newspaper is referring to is ransomware but given the rash of healthcare facilities hit by the threat lately, it's probably a safe bet.

Hospital photo by Natanael Melchor on Unsplash