OpenVPN patched four vulnerabilities privately disclosed by Dutch researcher Guido Vranken, including a critical issue that could lead to remote code execution.
Microsoft Extends Edge Bug Bounty Program Indefinitely
Microsoft said Wednesday it would extend its Edge bug bounty program indefinitely.
Say Goodbye to SMBv1 in Windows Fall Creators Update
The SMBv1 file-sharing protocol abused by the NSA’s EternalBlue exploit to spread WannaCry ransomware is being disabled in the upcoming Windows Fall Creators Update, or Redstone 3.
Internet-Enabled Drill Demonstrates IoT Security Done Right
Researchers find flaws in an internet-connected drill, but say minimal, hard-to-find bugs indicate there is hope for IoT security.
TP-Link Fixes Code Execution Vulnerability in End-of-Life Routers
Router manufacturer TP-Link recently fixed a vulnerability in a discontinued line of routers that if exploited could have been used to execute code on the device.
Stack Clash Vulnerability in Linux, BSD Systems Enables Root Access
Patches are available for a newly discovered Linux, BSD and Solaris vulnerability called Stack Clash that bypasses stack guard-page mitigations and enables root access.
Wikileaks Alleges Years of CIA D-Link and Linksys Router Hacking Via ‘Cherry Blossom’ Program
The latest dump from Wikileaks alleges the CIA installed custom router firmware on unsuspecting targets in order to spy on internet activity.
News in brief: Samsung customers exposed; emergency service drones; potatoes on the Moon?
Your daily round-up of some of the other stories in the news!
Rare XP Patches Fix Three Remaining Leaked NSA Exploits
Microsoft released patches on Tuesday for unsupported versions of Windows, a decision prompted by three NSA exploits that remained unaddressed from April’s ShadowBrokers leak.
Post-WannaCry, 5.5 Million Devices Still Expose SMB Port
In its annual National Exposure Index report, Rapid7 found 160 million computers, IoT devices and servers with open ports that should not be exposed to the public network.