Networked devices behind a firewall are at risk to attack because of poor authentication in the UPnP protocol in most home routers.
Tag Archives: CERT/CC
Hacking Team Promises to Rebuild Controversial Surveillance Software
Hacking Team promised to rebuild its controversial surveillance software while two more Adobe Flash Player zero day vulnerabilities were uncovered.
Details Surface on Unpatched KCodes NetUSB Bug
KCodes NetUSB, a Linux kernel module that provides USB services over IP, contains unpatched vulnerabilities according to an alert from CERT/CC and Sec Consult
ICU Project Overflow Vulnerabilities Patched
Buffer and integer overflow vulnerabilities have been patched in the ICU Project ICU4C library, used in hundreds of open source and enterprise software packages.
PrivDog Adware Poses Bigger Risk Than Superfish
Another shady piece of adware called PrivDog has been unearthed with a similar Superfish-type vulnerability that breaks SSL connections.
CERT/CC Enumerates Android App SSL Validation Failures
The CERT Coordination Center at Carnegie Mellon today released a list of Android applications hosted on Google Play and Amazon that it says fail to validate SSL certificates over HTTPS.