Cross Site Scripting

Security Pro tilts at Smart Drill, finds It doesn’t suck

In-brief: Is there cause for hope? A new analysis of a connected power drill  by a researcher at DUO Security finds that it’s actually pretty secure. But challenges remain for connected device makers.

Survey: Hackers for Hire Find Most Networks Easy Prey

In-brief: A survey of penetration testers by Rapid7 finds most organizations are failing to detect malicious activity on their networks. 

Update: Vulnerability Prompts Warning: Stop Using Netgear WiFi Routers

In-brief: A serious security hole in the software that runs certain models of wifi routers made by the firm Netgear prompted warnings to customers to stop using them until a fix can be found. (Editor’s Note: updated with comment from Netgear. PFR 12/12/2016)

Podcast: Security is a Four Letter Word on the Internet of Things

Podcast: Play in new window | Download (43.0MB)Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | RSS | https://www.securityledger.com/subscribe In-brief: In this podcast, Dennis Fisher of onthewire.io and I talk about securing the Internet of Things. 

CERT Warns Wind Turbines Open to Compromise

In-brief: Wind turbines made by the UK firm XZERES Wind are susceptible to common, web-based attacks including cross site scripting, according to a warning published by the Industrial Control System CERT (ICS-CERT).