White hat hackers can hack cars, medical devices and home IoT devices without fear of running amiss of DMCA laws that prevent reverse engineering.
Tag Archives: Web Security
Outlook Web Access Two-Factor Authentication Bypass Exists
Two-factor authentication protecting Outlook Web Access and Office 365 portals can be bypassed-and the situation likely cannot be fixed, a researcher has disclosed.
Cisco Patches Critical Bugs in 900 Series Routers, Prime Home Server
Cisco Systems has issued two critical advisories addressing flaws in its 900 Series Routers and its Cisco Prime Home server.
Unpatched Vulnerability on Wix.com Puts Millions of Sites at Risk
Wix websites are vulnerable to reflective DOM cross-site scripting attack that could give attackers control of user’s websites.
Critical MySQL Vulnerabilities Can Lead to Server Compromise
Critical vulnerabilities in MySQL and database servers MariaDB and PerconaDB can lead to arbitrary code execution, root privilege escalation, and server compromise.
Sundown Exploit Kit ‘Larger Threat Than People Realize’
Cisco Talos identified the Sundown exploit kit as an up-and-coming contender that may soon rival RIG in terms of size and volume.
Microsoft Says Russian APT Group Behind Zero-Day Attacks
Microsoft said Russian APT group Sofacy, which has ties to the country’s military intelligence operations, has been using Windows kernel and Adobe Flash zero day vulnerabilities in targeted attacks.
Google to Distrust WoSign, StartCom Certs in 2017
Google announced Monday that it will distrust certificates issued by WoSign and StartCom when in it ships Chrome 56 in January 2017.
Nymaim Dropper Updates Delivery, Obfuscation Methods
A variant of the Nymaim dropper has surfaced, and it includes new delivery methods, obfuscation techniques, and the use of PowerShell to download payloads.
WhatsApp Blasted by EU Data Protection Group Over Facebook Sharing
The Article 29 Working Party, an EU privacy coalition urges WhatsApp to clarify that user information shared between the company and Facebook is compliant with data protection laws on the books in Europe.