Security News

CVE-2015-3459 - Hospira Lifecare PCA infusion pump (the thing by hospital beds that pump medication into IVs) does not require authentication for Telnet sessions, which allows remote attackers to gain root privileges (Reddit)
2015-05-04 19:04

Automate root cause prevention of network compromise (Help Net Security)
2015-04-24 11:15

FireMon announced at RSA Conference 2015 significant advancement of its core platform through the introduction of Security Manager 8.0, which leverages highly automated analysis and monitoring of secu...

NetNanny Found Using Shared Private Key, Root CA (Threatpost)
2015-04-21 18:43

An issue with the content-control software NetNanny could open users’ systems up to man-in-the-middle (MiTM) attacks, HTTPS spoofing and intercept, researchers warned Monday.

Update: CNNIC Root and EV CAs will no longer be recognized in Google products (Reddit)
2015-04-12 11:57

Latest OS X update closes backdoor that allows root access (Help Net Security)
2015-04-10 11:26

On Thursday Apple released another batch of updates for a variety of its products. The security update for OS X Yosemite (10.10.3) includes a fix for a four-year-old "backdoor API to root privileges" ...

Latest version of OS X closes Backdoor-like bug that gives attackers root (ArsTechnica)
2015-04-09 21:55

Apple Leaves CNNIC Root in iOS, OSX Certificate Trust Lists (Threatpost)
2015-04-09 14:57

When it was revealed late last month that a Chinese certificate authority had allowed an intermediate CA to issue unauthorized certificates for some Google domains, both Google and Mozilla reacted...

Hidden backdoor API to root privileges in Apple OS X (Reddit)
2015-04-09 14:54

MCS PKI Incident Report (what caused CNNIC root revocation) (Reddit)
2015-04-03 04:25

FURIOUS Google erects wall around Chinese root cert kingpins CNNIC (The Register)
2015-04-02 13:55