Security News

YiSpecter iOS Malware Abuses Apple Enterprise Certs to Push Adware (Threatpost)
2015-10-05 16:49

New iOS malware called YiSpecter abuses Apple-issued enterprise developer certificates and private APIs to push adware onto devices in China and Taiwan.

D-Link accidentally leaks code-signing certs in its firmware (Help Net Security)
2015-09-18 10:52

Malware peddlers don't always have to steal or buy (from sellers on underground forums) legitimate and valid code-signing certificates to sign their malware with - sometimes the certificates can be fo...

Let's Encrypt certificate authority signs first cert (The Register)
2015-09-15 23:50

CERT Warns of Slew of Bugs in Belkin N600 Routers (Threatpost)
2015-08-31 20:06

The CERT/CC is warning users that some Belkin home routers contain a number of vulnerabilities that could allow an attacker to spoof DNS responses, intercept credentials sent in cleartext, access...

CERT warns DSL router users of vulnerability (SC Magazine)
2015-08-28 13:31

CERT Warns of Hard-Coded Credentials in DSL SOHO Routers (Threatpost)
2015-08-26 14:33

DSL routers from a number of manufacturers contain hard-coded credentials that could allow a hacker to access the devices via telnet services and remotely control them.

Researcher Says LG App Update Mechanism Doesn’t Verify SSL Cert (Threatpost)
2015-06-29 19:01

Many smartphones manufactured by LG contain a vulnerability that can allow an attacker to replace an APK file with a malicious file of his choice. The problem is the result of several conditions...

ISCsup2/sup launches security cert training for cloud-defending cherubs (The Register)
2015-06-23 10:11

Let's Encrypt CA to issue its first cert (Help Net Security)
2015-06-17 12:28

Let's Encrypt, a non-profit certificate authority (CA) set up by the Electronic Frontier Foundation, Mozilla, Cisco, Akamai, IdenTrust, and researchers at the University of Michigan, is finally ready ...

Vapourware no more: Let's Encrypt announces first cert dates (The Register)
2015-06-17 02:11