Security News

Microsoft kills many critical flaws, some 0-days, un-trusts one wildcard cert (Help Net Security)
2015-12-09 13:27

For this December Patch Tuesday, Microsoft has released twelve security bulletins, eight of which have been rated critical. Those refer to the cumulative security updates for Internet Explorer, Mic...

Microsoft Patches 71 Flaws, Two Under Attack; Warns of Leaked XBox Live Cert (Threatpost)
2015-12-08 19:57

Microsoft patches 71 vulnerabilities in its December Patch Tuesday security bulletins, including two currently under attack. It has also revoked a leaked Xbox Live certificate and private key.

Windows machines stop trusting Dell's two unconstrained root CA certs (Help Net Security)
2015-12-01 13:31

Microsoft has updated the Certificate Trust list for all supported releases of Microsoft Windows so that the two digital certificates (complete with inadvertently disclosed private keys) used by Dell ...

Week in review: Dell computers shipped with root CA cert and private key, analytics services tracking users via Chrome extensions (Help Net Security)
2015-11-30 06:57

Here's an overview of some of last week's most interesting news and articles: Four ways an attacker can infiltrate an organization by diverting security solutions Even if we theoretically had th...

More than 900 embedded devices share hard-coded certs, SSH host keys (Help Net Security)
2015-11-26 09:20

Embedded devices of some 50 manufacturers has been found sharing the same hard-coded X.509 certificates (for HTTPS) and SSH host keys, a fact that can be exploited by a remote, unauthenticated attacke...

Another root CA cert with key found on Dell's machines (Help Net Security)
2015-11-25 13:10

The main piece of news on Monday was that Dell's desktop PCs and laptops shipped since August 2015 contain a root CA certificate (eDellRoot) complete with the private cryptographic key for it. Attacke...