Articles for January 2017

Again bad news for consumers with Netgear routers: Netgear routers hit by another serious security vulnerability, but this time more than two dozens router models are affected.

Security researchers from Trustwave are warning of a new authentication vulnerability in at least 31 models of Netgear models that potentially affects over one million Netgear customers.

The new vulnerability, discovered by Trustwave’s SpiderLabs researcher Simon Kenin, can allow remote hackers to obtain the admin password for the Netgear router through a flaw in the password recovery process.

Source: Check If Your Netgear Router is also Vulnerable to this Password Bypass Flaw

We’ve got some suggestions to help you prepare for the biggest shake-up to data security for decades

Source: GDPR is just over a year away – and many firms are nowhere near ready – Naked Security

Malicious Word document with ‘Russian doll’ technique targets NATO countries.

Source: These hackers set a ‘trap’ for security researchers probing their malware | ZDNet

Don’t bother with antivirus, it does more harm than good, warns former Mozillian.

Source: ​Ex top Mozilla dev to Windows users: Ditch all antivirus except Microsoft’s Defender | ZDNet

Restrictions will make it harder to reach providers like Facebook, Google and news providers such as the New York Times

Source: China clamps down tighter on web use with new VPN ban – Naked Security

But opinions have shifted since the FBI sued Apple to build a backdoor in a terrorist’s iPhone.

Source: ZDNet

Over 200,000 messages were compromised due to a security flaw.

Source: AlphaBay Dark Web marketplace hacked, private messages leaked | ZDNet

It isn’t often that good news makes headlines, especially in the security world. Dovecot bucked the trend earlier this month, with a cybersecurity audit that praised the mail server as “near-impenetrable”. Commendations like that are rarer than hens’ teeth. What can we learn from it?

Source: World’s most popular email server praised as ‘near-impenetrable’ – Naked Security

The cybersecurity firm has once again been left red-faced after issuing insecure certificates.

Source: Symantec revokes faulty security certificates | ZDNet

Reports suggest a large-scale DDoS attack from overseas blocked Lloyds, Halifax, and Bank of Scotland customers from accessing online services.

Source: Lloyds Bank services hit by denial-of-service attack | ZDNet