Embedded devices of some 50 manufacturers has been found sharing the same hard-coded X.509 certificates (for HTTPS) and SSH host keys, a fact that can be exploited by a remote, unauthenticated attacker to carry out impersonation, man-in-the-middle, or passive decryption attacks, Carnegie Mellon University's CERT/CC warns.
Hacker and security researcher Samy Kamkar, who's noted for being the author of the first Web 2.0 worm, creating zombie cookies, and USBdriveby, has now come out with a new project.
The main piece of news on Monday was that Dell's desktop PCs and laptops shipped since August 2015 contain a root CA certificate (eDellRoot) complete with the private cryptographic key for it.
What’s stronger than a speeding locomotive and can survive the heat of a fire? Data.
The security of mainframe computers - the so-called "big iron", which is mainly used by large organizations for critical applications, bulk data and transaction processing - is not a topic that has garnered much interest from the public.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.