Post Tagged with: "vulnerabilities"

Is Google’s Rowhammer the Future of IoT Attacks?

March 30, 2015 14:410 comments
Is Google’s Rowhammer the Future of IoT Attacks?

In-brief: Infoworld’s Roger Grimes makes the case that Google’s recent Rowhammer exploit may be a sign of things to come as attackers look for common platforms to attack the Internet of Things.  Like this:Like Loading…

Read more ›

Update: CAs Still Accepting E-mail as Proof of Domain Ownership

March 27, 2015 13:220 comments
Many certificate authorities allow an e-mail address to serve as proof of domain ownership.

In-brief: Carnegie Mellon’s CERT issued a warning that many certificate authorities continue to issue domain certificates with no more proof than the right e-mail address. Updated to include comment from GlobalSign. Paul 3/27/2015 Like this:Like Loading…

Read more ›

Bill in U.S. House would Open Doors to Threat Intel Sharing | Reuters

March 25, 2015 11:310 comments
A bill introduced in the House of Representatives promises to open to door to companies sharing information on cyber incidents, but keep data out of the hands of U.S. intelligence agencies.

  In-brief: Leaders of the House of Representatives Intelligence Committee introduced the Protecting Cyber Networks Act on Tuesday. The bill would make it easier for companies to share information about attacks with each other and with the government. It also addresses concerns about omnibus spying by U.S. intelligence agencies.  Like this:Like Loading…

Read more ›

IoT Hackers: The FTC Wants You!

10:180 comments
The FTC is creating a new Office of Technology Research and Investigation to step up efforts to protect consumers in an age of "rapid technological innovation."

In-brief: The Federal Trade Commission announced this week that it is creating a new Office of Technology Research and Investigation to expand the FTC’s research into areas such as privacy, data security, connected cars, smart homes, algorithmic transparency, emerging payment methods, big data, and the Internet of Things. Like this:Like Loading…

Read more ›

Updated: Google warns of unauthorized TLS certificates trusted by almost all OSes | Ars Technica

March 24, 2015 10:490 comments
Updated: Google warns of unauthorized TLS certificates trusted by almost all OSes | Ars Technica

In-brief: Google warned its users that unauthorized digital certificates have been issued for several of its domains. The certificates are linked to an intermediary certificate authority for CNNIC, which administers China’s domain name registry. Updated with comment from Kevin Bocek of Venafi. Paul 3/27/2015  Like this:Like Loading…

Read more ›
%d bloggers like this: