A selection of this week’s more interesting vulnerability disclosures and cyber security news.
Following on from last week’s boundary issues, the can of worms that is flaky firmware on routers surfaced with the exposure of some serious issues in D-Link routers. I’ve previously pulled up other examples of lazy (in)security problems on such devices and it won’t go away. Another article too below from an industrial control perspective, while not quite your usual home IoT nightmare, it still has the same issues but the costs are much higher. For most, the awareness of what risk there is from a consumer device being plugged-in is going to be nil. We trust the things we are sold and assume they will have been designed in our best interests. Again, for everything that hits the home (or even business) network, I’m warming to Google’s view that you can’t let the trust-point be at the network perimeter any more. The local LAN should be classed as a risk, not as high as outside of course, and the devices are the last line…. Well maybe….
And the rest….