Cross Site Scripting

Last of OWASP’s Top 10 Still a Potent Threat

In-brief: Open redirects and forwards may be at the bottom of OWASP’s Top 10 list of web application security vulnerabilities, but they are still a potent and widespread problem, says Akamai’s Or Katz, who offers some suggestions for fixing it. 

Study: Serious Web Security Flaws Rampant on Embedded Devices

In-brief: Three quarters of the embedded systems with web interfaces that were tested by researchers at universities in Germany and France contained serious security vulnerabilities, according to a new study. The results raise more questions about the security of embedded devices including home routers and home surveillance cameras.

Security Holes in Power Analyzers More Bad News for Industry

In-brief: Software security holes in widely used industrial equipment known as “power quality analysers” (sp) could enable remote attackers to disrupt or corrupt operations at firms across industries, according to a report released by the firm Applied Risk. 

Panic in the Nursery: Research finds Baby Monitors make Easy Targets

In-brief: Researchers from the security firm Rapid7 revealed the findings of a survey of common wireless baby monitors and nanny-cams, and found a host of serious and, in some cases, remotely exploitable vulnerabilities.

New Ransomware, FessLeak, Taps Adobe Flash Flaws

In-brief: A new and sophisticated ransomware family dubbed “Fessleak” is spreading in malicious advertising (or “malvertising”) campaigns by exploiting newly disclosed flaws in Adobe’s Flash technology.