Mike Mimoso and Dennis Fisher talk about the Windows Schannel vulnerability and whether it’s ripe for mass exploitation, as well as the WireLurker attack and why Apple hasn’t addressed it.
Tag Archives: Vulnerabilities
Internet Voting Hack Alters PDF Ballots in Transmission
Researchers have published a paper that describes an Internet voting hack that alters PDF ballots in transmission.
Microsoft Schannel Bug Latest in Long Line of Serious Crypto Flaws
The critical vulnerability in the Schannel technology in Windows that Microsoft patched Tuesday is ripe for exploitation, experts say, and continues the long line of severe vulnerabilities in major SSL/TLS implementations in recent months. Secure Channel, also known as Schannel, is a technology that’s used in Windows to implement SSL and TLS, the main secure […]
Adobe Patches 18 Vulnerabilities in Flash
Adobe pushed out security updates for Flash Player this afternoon, addressing 18 different vulnerabilities, all critical, that could allow an attacker to take control of an affected system.
SSL MiTM Vulnerability Among Vulns Patched in Pidgin
Five vulnerabilities were patched in the most recent update to the open source Pidgin instant messaging client.
Avoiding the Dark Security Future
LAS VEGAS–Nick Percoco has been thinking a lot about the future of technology, and some of the things he’s dreamed up aren’t very pretty: farms of people renting out their spare brain cycles, autonomous cars that freak out and careen into oncoming traffic and hacking groups hijacking users’ augmented reality gear and demanding ransoms to unlock […]
Securing an Internet Made From ‘Duck Tape and Baling Wire’
LAS VEGAS–The Internet that we use today was not designed as a cohesive network. It was put together from found bits and pieces over the course of the last few decades, and, as major bugs such as Heartbleed and others have shown, it’s a frighteningly fragile construction. Attackers know this as well as anyone, and […]
Be Ready: Next Internet Bug Won’t Be The Last
Panelists at the Advanced Cyber Security Center annual conference discuss how readiness for the next Internet-scale bug is no longer a luxury.
NSA Director Says Agency Shares Vast Majority of Bugs it Finds
When the National Security Agency discovers a new vulnerability that looks like it might be of use in penetrating target networks, the agency considers a number of factors, including how popular the affected software is and where it’s typically deployed, before deciding whether to share the new bug. The agency shares most of the bugs […]
Google Releases Nogotofail Tool to Test Network Security
The last year has produced a rogues’ gallery of vulnerabilities in transport layer security implementations and new attacks on the key protocols, from Heartbleed to the Apple gotofail flaw to the recent POODLE attack. To help developers and security researchers identify applications that are vulnerable to known SSL/TLS attacks and configuration problems, Google is releasing a […]