In-brief: A common configuration flaw may be behind a massive network of IoT devices used in “credential stuffing” attacks, according to the security firm Akamai.
In-brief: Researchers at Google are warning about a previously undetected flaw in a widely used open source library could be exploited by attacks using overly long web domain names.
In-brief: A widespread vulnerability in security products sold by the firm Juniper Networks prompted The Internet Storm Center to raise its threat level to “Yellow,” and urge administrators to patch affected devices immediately.
In-brief: the discovery of a mystery “back door” in software that runs Juniper’s NetScreen line of security products prompted an emergency warning and patch from the company, and raises the specter of nation-backed hacking.
In-brief: Encryption keys used to secure data on- and communications between embedded devices are being recycled, creating a huge vulnerability that malicious hackers could exploit to snoop on sensitive communications or impersonate devices.