With 2015 more or less in the rear view mirror Mike Mimoso and Chris Brook discuss the year in security: Wassenaar, ransomware, mobile threats like Stagefright, Carbanak and Equation Group, and more.
Browsing Category: Vulnerabilities
Crypto and security experts digging into the Juniper backdoor have determined that attackers have subverted an alleged NSA backdoor in the Dual_EC_DRBG algorithm used in NetScreen firewalls.
Oracle will be required to provide users with a mechanism to uninstall older and vulnerable versions of Java, following a settlement with the Federal Trade Commission.
The password protecting one of the two Juniper backdoors was published after it was discovered by researchers at Fox-IT and Rapid7.
Automation and energy management company Schneider Electric patched a vulnerability in one of its product lines this week that left a handful of programmable automation controllers at risk of being hacked.
Juniper Networks has removed “unauthorized code” capable of decrypting VPN traffic that it found in ScreenOS, which runs many of its enterprise-grade NetScreen firewalls.
Facebook is at odds with a security researcher over a number of Instagram vulnerabilities that allowed the researcher to access SSL and other private keys, as well as user and employee data.
Rapid7 has reported and disclosed a half-dozen XSS and SQL injection flaws in popular network management systems, all of which can be reached via SNMP.
Researchers at Sucuri said attacks against a zero-day vulnerability in Joomla, which has been patched, have accelerated since the weekend.
UPDATE Cisco is warning users this week that several of its products — routers, gateways, data centers, and the like — suffer from vulnerabilities, including one critical one.