man-in-the-middle attack – Page 2

IoT Scale Flaws Enable Denial of Service, Privacy Issues

Posted on February 5, 2019 by Lindsey O'Donnell

Flaws in this connected smart scale might give the diet-challenged a legitimate reason to be nervous. Continue reading IoT Scale Flaws Enable Denial of Service, Privacy Issues→

Volunteer Project Takes Down 100,000 Malware Distribution Sites

Posted on January 24, 2019 by Lucian Constantin

A community of volunteer researchers has managed to take down around 100,000 malware distribution websites over the past 10 months as part of a new URL blacklisting project. The initiative, called URLhaus, was launched last March by abuse.ch, a non-pr… Continue reading Volunteer Project Takes Down 100,000 Malware Distribution Sites→

Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems

Posted on January 22, 2019 by Swati Khandelwal

Just in time…

Some cybersecurity experts this week arguing over Twitter in favor of not using HTTPS and suggesting software developers to only rely on signature-based package verification, just because APT on Linux also does the same.

Ironically, a s… Continue reading Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems→

U.S. Government Shutdown Leaves Dozens of .Gov Websites Vulnerable

Posted on January 11, 2019 by Lindsey O'Donnell

As the shutdown continues into its 21st day, dozens of .gov websites haven’t renewed their TLS certificates. Continue reading U.S. Government Shutdown Leaves Dozens of .Gov Websites Vulnerable→

Bleichenbacher’s CAT puts another scratch in TLS

Posted on December 4, 2018 by John E Dunn

Researchers demonstrate Cache-like ATacks against RSA key exchange. Continue reading Bleichenbacher’s CAT puts another scratch in TLS→

Seven Russian cyberspies indicted for hacking, wire fraud, ID theft

Posted on October 8, 2018 by John E Dunn

“Bungling” Russian GRU operatives picked up by Dutch police, linked to OPCW and World Anti-Doping Agency hacks. Continue reading Seven Russian cyberspies indicted for hacking, wire fraud, ID theft→

New Man-in-the-Disk attack leaves millions of Android phones vulnerable

Posted on August 14, 2018 by Swati Khandelwal

Security researchers at Check Point Software Technologies have discovered a new attack vector against the Android operating system that could potentially allow attackers to silently infect your smartphones with malicious apps or launch denial of servic… Continue reading New Man-in-the-Disk attack leaves millions of Android phones vulnerable→

Destructive and MiTM Capabilities of VPNFilter Malware Revealed

Posted on June 6, 2018 by Swati Khandelwal

It turns out that the threat of the massive VPNFilter botnet malware that was discovered late last month is beyond what we initially thought.

Security researchers from Cisco’s Talos cyber intelligence have today uncovered more details about VPNFilter … Continue reading Destructive and MiTM Capabilities of VPNFilter Malware Revealed→

Comcast Patches Router Bug That Leaked Some Wi-Fi Passwords

Posted on May 22, 2018 by Tom Spring

A bug in Comcast’s activation website for its Xfinity routers leaked sensitive customer data. Continue reading Comcast Patches Router Bug That Leaked Some Wi-Fi Passwords→

Cloudflare Launches Publicly DNS-Over-HTTPS Service

Posted on April 2, 2018 by Tom Spring

Clouldflare launches DNS-over-HTTPS service called 1.1.1.1 that it says will be a “privacy-first” DNS service for consumers. Continue reading Cloudflare Launches Publicly DNS-Over-HTTPS Service→