Networked devices behind a firewall are at risk to attack because of poor authentication in the UPnP protocol in most home routers.
Browsing Category: Web Security
The CERT/CC is warning users that some Belkin home routers contain a number of vulnerabilities that could allow an attacker to spoof DNS responses, intercept credentials sent in cleartext, access the web management interface, and take other actions on vulnerable routers. The vulnerabilities affect the Belkin N600 DB Wireless Dual Band N+ router, model F9K1102 v2 with[…]
The National Science Foundation awarded $6 million in grants to fund projects working toward securing networked things.
CoreBot is new information-stealing malware in the wild with a modular design that could turn the credential-stealing malware into something much worse.
An attack that uses the same path names, Java payloads, and Java exploit as one earlier this summer was found leveraging a fake EFF site.
Dennis Fisher and Mike Mimoso discuss the quasi-interesting fallout from the Ashley Madison hack, the appeals court decision about the Wyndham data breaches, and Charlie Miller leaving Twitter.
U.S. businesses are losing millions in fraudulent wire transfers that have their root in email compromises of accounts belonging to top executives.
Google on Tuesday will begin pausing Flash ads by default in Chrome, a move that is designed mainly to help improve browser speed, but that will also be a security upgrade for users. The company announced the plan back in June and said this week that it will make the behavior the default setting for[…]
BitTorrent today announced that a patch has been rolled out in the libuTP protocol used by many of its clients, fixing a vulnerability that allows attackers to carry out distributed reflective denial of service attacks.
Adobe today pushed out a hotfix to ColdFusion implementations patching a vulnerability it had already patched nine days ago on the LiveCycle Data Services application framework.