Vulnerabilities

Internet Explorer

Report: with most exploited vuln of 2018, it’s really Really REALLY time to ditch IE!

Microsoft’s products are still a leading source of exploitable security vulnerabilities used by hackers, according to a report by the firm Recorded Future.

Devices’ UPnP Service Emerges as Key Threat to Home IoT Networks

Home connected device users are putting their IoT networks at risk by leaving exposed a common service devices use to seamlessly connect and communicate with each other, according to cybersecurity firm Trend Micro. Hackers recently have been found to exploit the Universal Plug and Play (UPnP) service of poorly configured routers and home networking devices, as evidenced by an attack earlier this year that allegedly hijacked thousands of Chromecast streaming dongles, Google Home devices and smart TVs to play an ad for a YouTuber PewDiePie’s channel. This event prompted Trend Micro researchers dig deeper into UPnP, discovering that the potential to exploit this service remains significant as many home users are leaving UPnP enabled–unknowingly or not–and often with older, unpatched versions of the service installed on devices, they said. “In a nutshell, we found that most devices still use old versions of UPnP libraries,” wrote Tony Yang, a Trend Micro […]

Facebook opens up on System that ‘protects Billions’

Facebook used a blog post on Friday to describe, in detail, the systems that it uses to secure its vast social network, including custom designed tools and so-called “red team” hacks.

IP enabled camera

Report: IoT Still Wildly Insecure as New ‘Credential Compromise’ Threat Emerges

The new year isn’t bringing good news about Internet of Things security, as a new report sheds light on a flaw that allows bad actors to take unauthorized control of applications used by the IoT devices.

European GDPR concept flyer template illustration

Researchers: GDPR Already Having Positive Effect on Cybersecurity in EU

The General Data Privacy Regulation (GDPR) seems to already be having a positive effect on the state of cybersecurity in Europe less than seven months after it was enacted, showing that policy indeed can have a direct effect on organizations’ security practices, security researchers said.