Items tagged with: Vulnerabilities

DOD Just Beginning to Grapple with Scale of Weapon Systems Vulnerabilities

In recent cybersecurity tests of major weapon systems DOD is developing, testers playing the role of adversary were able to take control of systems relatively easily and operate largely undetected.…
Article word count: 136

HN Discussion: https://news.ycombinator.com/item?id=18177617
Posted by molecule (karma: 7902)
Post stats: Points: 138 - Comments: 47 - 2018-10-09T16:55:53Z

\#HackerNews #beginning #dod #grapple #just #... show more

Report: NSA Still Plagued by Cyber Security Vulnerabilities

#cyber #edwardsnowden #nsa #oannewsroom #plagued #report #security #still #vulnerabilities
posted by pod_feeder
Report: NSA Still Plagued by Cyber Security Vulnerabilities

The Cybersecurity Hub is South Africa’s National Computer Security Incident Response Team (CSIRT) for reporting Phishing, Malware, Vulnerabilities, etc

The Cybersecurity Hub is South Africa’s National Computer Security Incident Response Team (CSIRT) and strives to make Cyberspace an environment where all residents of South Africa can safely communicate, socialise, and transact in confidence. It achieves this by working with stakeholders from government, the private sector, civil society and the public with a view to identifying and countering cybersecurity threats.

The Cybersecurity Hub enhances interaction, consultations and promotes a coordinated approach regarding engagements with the private sector and civil society. As a key point of contact for cybersecurity matters, it coordinates cybersecurity response activities and facilitates information and technology sharing.

The Cybersecurity Hub also provides information that creates awareness on cybersecurity as well as information that encourages South African citizens and organisations to be sec... show more

The Tapplock IoT padlock has multiple security vulnerabilities

Remember last week’s $99 IoT padlock that anyone could unlock in 2 seconds? Turns out you don’t even need that long!

HN Discussion: https://news.ycombinator.com/item?id=17344383
Posted by ptx (karma: 809)
Post stats: Points: 109 - Comments: 76 - 2018-06-19T07:07:59Z

\#HackerNews #has #iot #multiple #padlock #s... show more

A new set of vulnerabilities affecting users of PGP and S/MIME

HN link: https://news.ycombinator.com/item?id=17063109
Posted by rdhyee (karma: 322)
Post stats: Points: 140 - Comments: 35 - 2018-05-14T06:11:05Z

\#HackerNews #affecting #and #mime #new #pgp #set #users #vulnerabilities
HackerNewsBot debug: Calculated post rank: 105 - Loop: 50 - Rank min: 100 - Author rank: 92
The #NSA wants its #SimonAndSpeck #IoT algorithms to be a global standard, but no one trusts them after past #badbehavior sneaking #vulnerabilities into public #standards. https://www.bitdefender.com/box/blog/iot-news/nsa-wants-algorithms-global-iot-standard-theyre-simply-not-trusted/#new_tab


Obscure E-Mail Vulnerability

This vulnerability is a result of an interaction between two different ways of handling e-mail addresses. Gmail ignores dots in addresses, so bruce.schneier@gmail.com is the same as bruceschneier@gmail.com is the same as b.r.u.c.e.schneier@gmail.com. (Note: I do not own any of those email addresses -- if they're even valid.) Netflix doesn't ignore dots, so those are all unique e-mail addresses and can each be used to register an account. This difference can be exploited.

I was almost fooled into perpetually paying for Eve's Netflix access, and only paused because I didn't recognize the declined card. More generally, the phishing scam here is:

- Hammer the Netflix signup form until you find a gmail.com address which is "already registered". Let's say you find the victim jameshfisher.
- Create a Netflix account with address james.hfisher.
- Sign up for free trial with a thr
... show more
newer older