In-brief: Infoworld’s Roger Grimes makes the case that Google’s recent Rowhammer exploit may be a sign of things to come as attackers look for common platforms to attack the Internet of Things.
Tag: vulnerabilities
Update: CAs Still Accepting E-mail as Proof of Domain Ownership
In-brief: Carnegie Mellon’s CERT issued a warning that many certificate authorities continue to issue domain certificates with no more proof than the right e-mail address. Updated to include comment from GlobalSign. Paul 3/27/2015
Bill in U.S. House would Open Doors to Threat Intel Sharing | Reuters
In-brief: Leaders of the House of Representatives Intelligence Committee introduced the Protecting Cyber Networks Act on Tuesday. The bill would make it easier for companies to share information about attacks with each other and with the government. It also addresses concerns about omnibus spying by U.S. intelligence agencies.
IoT Hackers: The FTC Wants You!
In-brief: The Federal Trade Commission announced this week that it is creating a new Office of Technology Research and Investigation to expand the FTC’s research into areas such as privacy, data security, connected cars, smart homes, algorithmic transparency, emerging payment methods, big data, and the Internet of Things.
Updated: Google warns of unauthorized TLS certificates trusted by almost all OSes | Ars Technica
In-brief: Google warned its users that unauthorized digital certificates have been issued for several of its domains. The certificates are linked to an intermediary certificate authority for CNNIC, which administers China’s domain name registry. Updated with comment from Kevin Bocek of Venafi. Paul 3/27/2015
