Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Home Routers Lack Basic Linux Security

More disconcerting news for router owners – a new assessment of 28 popular models for home users failed to find a single one with firmware that had fully enabled underlying security hardening features offered by Linux.

CITL (Cyber Independent Testing Laboratories) says it made this unexpected discovery after analysing firmware images from Asus, ...

Continue Reading →
0

Autonomous Vehicles Will Decide Who Gets Killed

In a not too distant future, you may be riding in an autonomous vehicle that is forced to decide between running over a pedestrian or a bicyclist.  Or whether to crash into a tree or another automobile.  It may make a decision you are not particularly happy with.  These decisions will rely on “artificial intelligence” built into these cars.  These decisions are being programmed right now by developers of autonomous vehicles.  ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Holiday Scams and Malware Campaigns

11/19/2018 09:18 PM EST Original release date: November 19, 2018

As the holidays approach, NCCIC reminds users to be aware of seasonal scams and malware campaigns. Users should be cautious of unsolicited emails that contain malicious links or attachments with malware, advertisements infected with malware, and requests for donations from fraudulent charitable organizations, which ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Serious D-Link router security flaws may never be patched

Six routers with serious security flaws are considered end of life (EOL) and may never be updated.  The D-Link models affected are the DWR-116, DWR-140L, DWR-512, DWR-640L, DWR-712, DWR-912, DWR-921, and DWR-111, six of which date from 2013, with the DIR-640L first appearing in 2012 and the DWR-111 in ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Symantec SSL Certificates No Longer Secure

If you have a Symantec certificate on your HTTPS website, Chrome 70 and Firefox 63 will both be disowning any web certificates signed by Symantec.  From this month forward, anyone with Chrome or Firefox who browses to a web page “secured” with a Symantec certificate will see an unequivocal warning insisting that ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


MS-ISAC Releases Advisory on PHP Vulnerabilities

10/12/2018 06:37 PM EDT  Original release date: October 12, 2018

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system.  NCCIC encourages users and administrators to review Continue Reading →

0

Problems with Password Manager Phone Apps

If you use a password manager app on your smartphone, it may be vulnerable to package name spoofing, which would allow the password manager’s autofill feature to enter your login credentials on a spoofed web form.  This vulnerability applies to popular apps from LastPass, Dashlane, Keeper, and 1Password.

I have been an advocate for password managers.  They are part of the solution to creating ...

Continue Reading →
0

What Might A Future Cyber-War Look Like?

We have entered the age of cyber war.   Believe it or not, cyber war operations are going on right now in many places across the globe.  Most of these operations are covert, and often hard to attribute directly to a particular nation-state or adversary.

Marc Cancian has written a gripping report titled Coping with Surprise in Great Power Conflicts.  It ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


[INFOGRAPHIC] Introducing The Psychology of Passwords

From LastPass – It feels like almost every day there’s another data breach in the news, or a case of user credentials up for sale on the Dark Web. Despite the headlines, and repeated warnings from experts about weak passwords and the dangers of password reuse, users have yet to change their online ...

Continue Reading →
0
Page 1 of 9 12345...»