Foreign spies may be hiding in your VPN, warns DHS
Before we get into the latest scary-virtual private network (VPN) news, let’s do as Naked Security’s Paul Ducklin advises and repeat after him:
Before we get into the latest scary-virtual private network (VPN) news, let’s do as Naked Security’s Paul Ducklin advises and repeat after him:
A critical security flaw has been discovered in the TRON network which had the potential to render the ecosystem's blockchain useless.
On November 12, 2018, a small ISP in Nigeria made a mistake while updating its network infrastructure that highlights a critical flaw in the fabric of the Internet. The mistake effectively brought down Google — one of the largest tech companies in the world — for 74 minutes.
This should come as no surprise, but it still sucks big-time: thousands of people who downloaded a random, very popular app called WiFi Finder found that it got handsy with users’ own home Wi-Fi, uploading their network passwords to a database full of 2 million passwords that was found exposed and unprotected online.
A group of academics from South Korea have identified 36 new vulnerabilities in the Long-Term Evolution (LTE) standard used by thousands of mobile networks and hundreds of millions of users across the world.
Over the past 18 months, revelations about wireless carriers selling smartphone location data to third parties have forced telecoms to promise reform. Worryingly, but perhaps not surprisingly, these user protections have been slow to actually materialize. Even if carriers shape up, though, an attacker can still track a smartphone's location and snoop on phone calls thanks to newly discovered flaws in 4G and even 5G protocols.
The FCC this week proclaimed that broadband connectivity saw unprecedented growth last year thanks to agency policies like killing net neutrality. The problem? That doesn’t appear to be true.
Over the weekend, a security researcher has discovered that nearly 19,500 Orange Livebox ADSL modems are leaking WiFi credentials.
As you travel this holiday season, bouncing from airport to airplane to hotel, you’ll likely find yourself facing a familiar quandary: Do I really trust this random public Wi-Fi network? As recently as a couple of years ago, the answer was almost certainly a resounding no. But in the year of our lord 2018? Friend, go for it.
Open-source software and components are critical to many of the online services we use today. Companies, ranging from the most well-known technology giants to SMBs, will often use open-source technologies to improve their own business processes and access useful software libraries.
Vulnerabilities on the Wi-Fi networks of a number of rail operators could expose customers' credit card information, according to infosec biz Pen Test Partners this week.
Despite the fact that so many aspects of a modern society rely on the proper and uninterrupted operations of critical infrastructure, security flaws across many industrial control systems (ICSs) are largely vulnerable to cyber-attacks.
Lately, stories of stolen data, compromised systems, and vulnerabilities that send us scrambling to patch, headline the news. It seems that we have been taking two steps forward and one step back when it comes to fighting the battle to protect our systems and networks.
Security threats abound on the internet, which is why ethical hackers and security researchers spend much of their time in search of these issues. As part of the work that they do to keep the internet safe, researchers at vpnMentor announced that they have found an RCE vulnerability in the majority of gigabit-capable passive optical network (GPON) home routers.
Over a third of critical infrastructure (CNI) outages in the UK over the past year were down to cyber-attacks, according to a new Freedom of Information request.
Everyone understands the benefits of the cloud, and the recent iboss 2018 Enterprise Cloud Trends Report shows adoption is increasing, with IT decision makers (ITDMS) planning to increase their SaaS spend from 21% of the overall IT budget to 28% over the next year. Despite this vote of confidence in the cloud from IT, the findings indicate that there is still a fundamental misunderstanding about the cloud that’s creating a disconnect – and misplaced concerns – among office workers and ITDMs.
Why hack a network when you can get a botnet to do it for you? It turns out that botnets might be an easier way to break into a network, not least by taking the grunt work out of it. It's not a new concept -- we've seen it before with bots running through lists of default usernames and passwords to hijack Internet of Things devices.
Internet-connected technology, also known as the Internet of Things (IoT), is now part of daily life, with smart assistants like Siri and Alexa to cars, watches, toasters, fridges, thermostats, lights, and the list goes on and on.
The cloud is fairly new territory for many organizations and, consequently, it’s an area where mistakes are made stemming from confusion around the role cloud service providers play in security, and how companies should work with them.
Despite the numerous advantages presented by cloud computing, security is still the biggest factor holding back more widespread adoption by businesses. A recent survey by AlienVault found that an overwhelming 90 percent of organisations are still concerned about cloud security.