LAS VEGAS–Mobile broadband modems can be a great alternative if you can’t find a WiFi network or don’t trust the ones you can find. But many of the models sold by the major manufacturers contain bugs and functionality that a remote attacker can exploit without much difficulty. Much of the market for these devices is[…]
Browsing Tag: vulnerabilities
A security researcher has uncovered a simple method for bypassing the two-factor authentication mechanism that PayPal uses to protect accounts that are tied to eBay accounts. The vulnerability is related to the way that the login flow works when a user is prompted to connect her eBay account to her PayPal account. The eBay and[…]
A remote code execution vulnerability has been patched in Samba, open source software that enables file and print server interoperability for Windows clients with Linux and UNIX servers.
A talk at Black Hat will expose security weaknesses introduced by multipath TCP, extensions to TCP that bring resilience and efficiency to networking.
Tor is warning users of its hidden services to upgrade relays after attackers were discovered on the network trying to deanonymize users.
The informational systems that the National Oceanic and Atmospheric Administration (NOAA) runs are fraught with vulnerabilities and what the U.S. Department of Commerce deem “significant security deficiencies.”
Georgia Tech Research Institute has released an open source threat intelligence gathering tool called BlackForest that automates attack-data mining.
ISE will host a two-tracking hacking contest at DEF CON next week that focuses on the security of home and small office wireless routers.
Siemens released an update for two builds of its SIMATIC automation system this week, addressing a quintet of issues, four of which are remotely exploitable.
The developers of the TAILS operating system say that users can mitigate the severity of the critical vulnerability researchers discovered in the I2P software that’s bundled with TAILS with a couple of workarounds, but there is no patch for the bug yet.