In-brief: Researchers from the firm Cylance warned that an unpatched security flaw first discovered in 1997 could be used to attack a wide range of popular applications and steal user credentials.
Vulnerabilities
Certificate Interruptus: Survey Finds Heartbleed Fixes Incomplete At Most Firms
In-brief: Three quarters of Global 2000 organizations have yet to fully remediate the Heartbleed vulnerability one year after it was discovered, according to a study by the firm Venafi.
Drug Pumps Vulnerable to trivial Hacks, DHS warns
In-brief: The Department of Homeland Security warned that drug infusion pump management software sold by Hospira contains serious and exploitable vulnerabilities that could be used to remotely take control of the devices.
Is Google’s Rowhammer the Future of IoT Attacks?
In-brief: Infoworld’s Roger Grimes makes the case that Google’s recent Rowhammer exploit may be a sign of things to come as attackers look for common platforms to attack the Internet of Things.
IoT Hackers: The FTC Wants You!
In-brief: The Federal Trade Commission announced this week that it is creating a new Office of Technology Research and Investigation to expand the FTC’s research into areas such as privacy, data security, connected cars, smart homes, algorithmic transparency, emerging payment methods, big data, and the Internet of Things.
