SEARCH
Flaw in Plug-and-Play Protocol Exposes Devices to Data Theft, DDoS Attacks
Billions of network-connected devices, such as printers, routers, smart TVs, and video game consoles, are open to attack via the CallStranger vulnerability in the Universal Plug and Play (UPnP) protocol.
IBM Releases Open Source Encryption Toolkit
Protecting data while in use is a challenge. IBM released an open source toolkit to help developers implement fully homomorphic encryption in their applciations.
Google Adds WebAuthn Support for Security Keys on iOS
People enrolled in Google's Advanced Protection Program can now use hardware keys that support WebAuthn with their iOS devices.
Into the Great Wide Open With CVE-2020-0688
Hundreds of thousands of Exchange servers are still vulnerable to a dangerous flaw (CVE-2020-0688) four months after Microsoft released a patch for it.
Many Exim Servers Remain Vulnerable to Year-Old Flaw
New data shows that hundreds of thousands of Exim servers are still running versions vulnerable to flaws disclosed and patched last year.