In-brief: A common configuration flaw may be behind a massive network of IoT devices used in “credential stuffing” attacks, according to the security firm Akamai.
SSH
DNS-Linked Flaw Leaves Many Systems Vulnerable
In-brief: Researchers at Google are warning about a previously undetected flaw in a widely used open source library could be exploited by attacks using overly long web domain names.
NetScreen Back Door Raises Internet Threat Level
In-brief: A widespread vulnerability in security products sold by the firm Juniper Networks prompted The Internet Storm Center to raise its threat level to “Yellow,” and urge administrators to patch affected devices immediately.
Juniper Warns of Mystery Backdoor In NetScreen Products
In-brief: the discovery of a mystery “back door” in software that runs Juniper’s NetScreen line of security products prompted an emergency warning and patch from the company, and raises the specter of nation-backed hacking.
Firm Finds Crypto Keys Recycled on Thousands of Devices
In-brief: Encryption keys used to secure data on- and communications between embedded devices are being recycled, creating a huge vulnerability that malicious hackers could exploit to snoop on sensitive communications or impersonate devices.