Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.
CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.
A new report is describing major security and privacy issues in several leading wearable fitness tracking devices and accompanying mobile apps. The research examined offerings by Apple, Basis, Fitbit, Garmin, Jawbone, Mio, Withings, and Xiaomi.
There is no silver bullet to eliminate every single threat that could strike an organization. But what we can do is take bits and pieces away from the equation to make it challenging and more difficult for attackers to get a foothold in the organization.