Researchers claim attackers could control vehicle functions
Printers on Default Settings Still Open Backdoors
wireless-enabled printers remain deployed in a potentially vulnerable default configuration
Operation Dust Storm State Hackers Target Japan
Cylance report claims group has been around since 2010
MouseJack Flaw Affects Billions of Devices
Attackers can remotely hack wireless mice from within 100 meters away.
Most SSL VPNs are Wildly Insecure
SHA-1, Heartbleed and the insecure SSLv3 protocol all plague the arena.
Last Year 700 Million Records Were Compromised
Gemalto study points to ID theft as chief cause
TEISS – Brexit Will be Damaging for Information Sharing Initiatives
The potential British exit from the European Union could disrupt an engine for economic growth.
I Might Be Afraid Of This Ghost
CVE-2015-7547 is not actually the first bug found in glibc’s DNS implementation. A few people have privately asked me how this particular flaw compares to last year’s issue, dubbed “Ghost” by its finders at Qualys. Well, here’s a list of what that flaw could not exploit: apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql, nfs-utils, nginx, nodejs, openldap, openssh, […]
A Skeleton Key of Unknown Strength
TL;DR: The glibc DNS bug (CVE-2015-7547) is unusually bad. Even Shellshock and Heartbleed tended to affect things we knew were on the network and knew we had to defend. This affects a universally used library (glibc) at a universally used protocol (DNS). Generic tools that we didn’t even know had network surface (sudo) are thus […]