"During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen® devices and to decrypt VPN connections."
"Router implants, from any vendor in the enterprise space, have been largely believed to be theoretical in nature and especially in use. However, recent vendor advisories indicate that these have been seen in the wild. Mandiant can confirm the existence of at least 14 such router implants spread across four different countries: Ukraine, Philippines, Mexico, and India."
The proposed HTTPS-Only Standard has now been finalized as the White House Office of Management and Budget memorandum M-15-13, "A Policy to Require Secure Connections across Federal Websites and Web Services".
Collection of articles regarding the "Export controls for conventional arms and dual-use goods and technologies" agreement. My list is mostly infosec focused (thus negative), but I'll add articles that are supportive as I find them.
"Make sure any TLS libraries you use are up-to-date and that you reject Diffie-Hellman Groups smaller than 1024-bit."
Another real vulnerability, with a fake anti-marketing campaign.
"Virtualized environment neglected operations manipulation" - CVE-2015-3456 is an out-of-bounds memory access flaw in the way the virtual Floppy Disk Controller (FDC) handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileges of the hosting process.
Flaw allowing opportunistic degradation of encryption to MITM MySQL traffic and strip SSL/TLS, as per CVE-2015-3152.
While this is a real issue, it's presented in an overblown way to parody the trend of naming vulnerabilities.
"Rowhammer is a perfect example of why everything should be authenticated all the way down. ECC is not enough."
"Unfortunately, the EXPORT ciphersuites didn't go away. Today they live on like zombies -- just waiting to eat our flesh."
SuperFish installs its own root CA certificate to MITM all of the SSL traffic. This is tragic news, as the matching private key is now common knowledge.
Apparently this was still very much embargoed, but it was published by the PR team. "Big Fail on my part."
This severe vulnerability allows an attacker to remotely take over the device with administrative privileges, and it is present on millions of residential gateway (SOHO router) devices from different models and makers. Broadband routers employing the Allegro RomPager firmware prior to version 4.34 contain a vulnerability in HTTP cookie processing code.
Less technical Articles