취약점 정보2 썸네일형 리스트형 [펌웨어] ipTIME 유무선 인터넷 공유기 112종 펌웨어 9.58 배포 아래와 같이 펌웨어 9.58 정식 버전을 배포합니다. 대상 제품 11AC 무선 공유기 ipTIME A5004NS/A3004NS/A3004/A2004NS/A2004NSplus/A2004/A2004plus/A2008/A1004/A1004V/A104/A104NS 11N 무선 공유기 ipTIME N6004R/N8004R/N8004V/N8004/N804A3/N804T3/N904/N904plus/N904V/N904Vplus ipTIME N704V3/N704BCM/N704A3/N604S/N604A/N104S-r1/Smart/N904NS/N704NS/N604T/N604Tplus ipTIME N7004NS/N104V/N604V/N604Vplus/N604R/N604Rplus/N604plus/N104R/N104Q/N104p.. 더보기 Yahoo End-to-End E-mail Encryption Plugin At Yahoo, we’re committed to protecting our users’ security. That’s why I’m so proud to share some updates on our latest security innovation: an end-to-end (e2e) encryption plugin for Yahoo Mail.Just a few years ago, e2e encryption was not widely discussed, nor widely understood. Today, our users are much more conscious of the need to stay secure online. There is a wide spectrum of use for e2e e.. 더보기 Microsoft EMET 5.2 is available Microsoft has announced a new release of the Enhanced Mitigation Experience Toolkit (EMET) 5.2.The main the main changes and improvements as the following:Control Flow Guard: EMET’s native DLLs have been compiled with Control Flow Guard (CFG). CFG is a new feature introduced in Visual Studio 2015 (and supported by Windows 8.1 and Windows 10) that helps detect and stop attempts of code hijacking... 더보기 Lenovo Superfish Adware Vulnerable to HTTPS Spoofing Systems AffectedLenovo consumer PCs that have Superfish VisualDiscovery installed and potentially others.OverviewSuperfish adware installed on some Lenovo PCs install a non-unique trusted root certification authority (CA) certificate, allowing an attacker to spoof HTTPS traffic.DescriptionStarting in September 2014, Lenovo pre-installed Superfish VisualDiscovery spyware on some of their PCs. How.. 더보기 Komodia Redirector with SSL Digestor fails to properly validate SSL and installs non-unique root CA certificates and private keys Komodia Redirector with SSL Digestor installs non-unique root CA certificates and private keys, making systems broadly vulnerable to HTTPS spoofingDescriptionKomodia Redirector SDK is a self-described "interception engine" designed to enable developers to integrate proxy services and web traffic modification (such as ad injection) into their applications. With the SSL Digestor module, HTTPS traf.. 더보기 DNS-based DDoS ISC reader Zach reports that his company currently sees about 4Gbps of DNS requests beyond what is "normal", and all seem to originate from 91.216.194.0/24. Yup, someone on that IP range in Poland is likely having a "slow network day".To make it less likely that your DNS servers unwittingly participate in a denial of service attack against someone else, consider using rate-limiting. If you are n.. 더보기 Update to kippo-log2db.pl I discovered an issue with the tool I wrote about last June. I've updated kippo-log2db.pl correcting an error where it was populating the sensor column of the session table improperly. I discovered the error after loading some data into MySQL and then attempting to use Ion's kippo2elasticsearch script to move the data into ElasticSearch. I've also discovered an anomaly that I have not yet taken .. 더보기 BURP 1.6.10 Released The fine folks at Portswigger released the lastest version of BURP last week - v1.6.10New checks include:Server-side include (SSI) injectionServer-side Python code injectionLeaked RSA private keysDuplicate cookies setAlso new APIs are added to Burp Extender, and changes to SSL handling in newer versions of Java (SNI handling in the handshake)Full details at: http://releases.portswigger.net/ 더보기 Automotive Security: Connected Cars Taking the Fast Lane Hearing about vulnerabilities in your car’s operating system might seem strange. But it’s now something we all need to get used to.Last January 30, several security loopholes in BMW’s ConnectedDrive system, that could allow potential thieves to unlock doors and track car data using a mobile device, as the security gap may affect the transmission path via the mobile phone network were revealed. T.. 더보기 Adobe Flash Player Update Released, Fixing CVE 2015-0313 An update has been released for Adobe Flash that fixes according to Adobe the recently discovered and exploited vulnerability CVE-2015-0313. Currently, the new version of Flash Player is only available as an auto-install update, not as a standalone download. To apply it, you need to check for updates within Adobe flash. (personal note: on my Mac, I have not seen the update offered yet).The new F.. 더보기 이전 1 ··· 41 42 43 44 45 46 47 48 다음