Brazilian researcher discovers double security threat in Arris cable modems which allows an attacker to rewrite the firmware without the owner’s knowledge. Link: 600,000 cable routers found to have a backdoor within a backdoor
Node.js is facing two security vulnerabilities, including a potentially major denial-of-service issue, with patches for the problems not available for a week. Releases of Node.js ranging from 0.12 to version 5 are vulnerable to one or both issues. A bulletin issued today by the Node. Link: Node.js discloses two critical security vulnerabilities
Privacy is the term of the century. It seems like every time we get past one hurdle, a new one pops up, such as data breaches or unknown hackers. The Internet community is constantly, consistently trying to protect your privacy. Take email: It’s our most-used mode of communication. Link: Google’s New Gmail Security Feature
It’s what we all assumed, but quietly hoped wasn’t quite this bad. Lazy makers of home routers and the Internet of Things are reusing the same small set of hardcoded security keys, leaving them open to hijacking en masse, researchers have warned. Link: Lazy IoT, router makers reuse skeleton keys over and over in thousands …
It was a popular item, getting a bunch of retweets. But I realized later that I was wrong to post it, because I fell right into a trap the surveillance statists have been laying. Link: Even If Terrorists Do Use Strong Encryption, We Still Need It — Backchannel — Medium
