TechnoBuffalo |
Become a certified computer security pro with this Cybersecurity Training Bundle
TechnoBuffalo With cybercriminals constantly finding new ways to infiltrate computer systems everywhere, it's unsurprising cybersecurity experts are in hot demand. You can easily join their ranks with the Computer Security Analysis and Penetration Testing Bundle … |
Owners of WeMo home automation devices should upgrade them to the latest firmware version, which was released this week to fix a critical vulnerability that could allow hackers to fully compromise them.
The vulnerability was discovered by researchers from security firm Invincea in the Belkin WeMo Switch, a smart plug that allows users to remotely turn their electronics on or off by using their smartphones. They confirmed the same flaw in a WeMo-enabled smart slow cooker from Crock-Pot, and they think it’s probably present in other WeMo products, too.
WeMo devices like the WeMo Switch can be controlled via a smartphone app that communicates with them over a local Wi-Fi network or over the Internet through a cloud service run by Belkin, the creator of the WeMo home automation platform.
To read this article in full or to leave a comment, please click here
Reuters |
Yahoo hack may become test case for SEC data breach disclosure rules
Reuters He cited reports that fewer than 100 of 9,000 public companies disclosed a material data breach since 2010. “I don't know that we need new rules. But in certain situations, you may need more aggressive enforcement," said Roberta Karmel, a Brooklyn Law … Yahoo! data breach likely exceeds 500 million records Our View: Data breach shows need for vigilance Yahoo data breach motivated by money, says ID protection company |
D-Link is working to fix a weakness that allows attackers to take over remote control of one of its cameras so they can eavesdrop, and the company is checking whether others of its products have similar vulnerabilities.
The vulnerability allows for the injection of malicious code and forces a password reset, which means attackers can gain remote access to the camera’s feed, thereby enabling eavesdropping, according to Senrio, a startup that monitors devices, scores how vulnerable they are and alerts when it detects suspicious behavior.
It also means that regardless of how strong a password users set up, it can be overridden.
The camera – D-Link DCS-930L Network Cloud Camera – might not be the only device affected by the vulnerability, a spokesperson for Senrio says. “Senrio has also agreed to evaluate a number of additional D-link products to assess if the vulnerability can be found in the firmware in those items,” the spokesperson said in an email.
To read this article in full or to leave a comment, please click here