pindrop-logo-2.svg
Search
Close this search box.
Search
Close this search box.

Senator Asks FCC Whether ISPs Can Block Insecure IoT Devices

Sen. Mark Warner on Tuesday sent a letter to the chairman of the FCC expressing concern about the emergence of the Mirai botnet and asking whether ISPs should have the ability to prevent compromised IoT devices from connecting to their networks. In his letter, Warner (D-Va.) said that the weak security of many embedded devices […]

Visa and Intel Collaborate on IoT Payment Security

As the security of IoT devices has become more and more of a problem, Visa and Intel are forming an alliance to make payments from those devices more secure and trustworthy. The partnership has two separate components: adding Visa’s encryption technology to devices that use Intel’s chipsets, and hardware-level device authentication to ensure that payments are […]

Malicious JPEG Can Lead to Code Execution on iPhones

Apple has patched several vulnerabilities in iOS that could lead to arbitrary code execution, including a handful of memory corruption bugs and a flaw that enables an attacker to use a malicious JPEG file to run arbitrary code. The release of iOS 10.1 includes patches for 13 vulnerabilities, many of which can be used for arbitrary […]

The Short Dumb Life Of the Internet of Things

We knew it was coming, we knew it would be bad, and we also knew it would be stupid. But just how bad and stupid the Internet of Things has become in its short life has surpassed even the most outrageously pessimistic predictions. Anyone who has been paying any kind of attention to IoT security, such […]

Ancient Privilege Escalation Bug Haunts Linux

Researchers are warning about a serious vulnerability in the Linux kernel that affects essentially all of the current versions of the operating system in use right now. The vulnerability is a local privilege-escalation flaw, which isn’t normally cause for much concern, because an attacker needs local access to a vulnerable device in order to exploit […]

Mozilla to Ship TLS 1.3 in Firefox 52

Mozilla plans to implement the next version of the TLS specification in an upcoming release of its Mozilla browser. TLS 1.3 will be shipped in Firefox 52, which is scheduled for release in March 2017. Mozilla’s Martin Thomson said in an email to the Mozilla development group Wednesday that the company will include TLS 1.3 […]

Yahoo Asks Government to Clarify Whether it Ordered Email Scanning

In an odd twist to an already odd story, Yahoo officials have asked the Director of National Intelligence to confirm whether the federal government ordered the company to scan users’ emails for specific terms last year and if so, to declassify the order. The letter is the result of news reports earlier this month that detailed […]

Mirai Source Code Release Leads to Huge Increase in Botnet

When the source code for the malware behind the Mirai botnet was released nearly three weeks ago, security researchers immediately began poring over it to see how the malware worked. Of course, attackers took notice too, and in that time, the number of devices infected by Mirai and associated with the botnet has more than […]

Recording Keystroke Sounds Over Skype to Steal User Data

Researchers have known for a long time that acoustic signals from keyboards can be intercepted and used to spy on users, but those attacks rely on grabbing the electronic emanation from the keyboard. New research from the University of California Irvine shows that an attacker, who has not compromised a target’s PC, can record the acoustic […]