Forescout Research Labs and JSOF researchers have discovered nine security flaws in four commonly used TCP/IP stacks that make 100+ million devices vulnerable to attack. The set of flaws, dubbed Name:Wreck, mainly impact Internet of Things (IoT) products and IT management servers. The TCP/IP stacks that integrate network communication protocols to connect devices and the Internet are found in operating systems such as the open-source FreeBSD and Siemens’ Nucleus NET. An attacker could crash a device, take it offline or gain control of it. Continue reading Millions of IoT Devices Open to Attack Due to Security Flaws

The Motion Picture Association submitted comments to the U.S. Trade Representative stating that VPNs, DNS masks and Tor networks can be a direct threat to legitimate streaming services. MPAA membership has been limited to top Hollywood studios such as Disney and Warner Bros. but that changed last year when Netflix joined. The mission, however, remains the same, which is to deter global piracy. The association goes after copyright infringers, be they site owners or app developers, and is also involved in lobbying. Continue reading MPAA Reports on Threat of Geolocation Piracy to Streaming

In a new partnership, Comcast will be the first Internet Service Provider (ISP) to offer users of Mozilla’s Firefox browser with private and secure encrypted Domain Name System (DNS) services via Mozilla’s Trusted Recursive Resolver (TRR) Program. Comcast’s DNS over HTTPS (DoH) will be activated by default for Firefox over Comcast’s Xfinity broadband network. Users will be able to switch to Cloudflare or NextDNS, which were already included in Mozilla’s program. No date of availability was released. Continue reading Comcast Inks Deal to Adopt Mozilla’s Firefox DNS Encryption

The National Security Agency (NSA) discovered a vulnerability in versions of Windows and, instead of retaining it, reported it to Microsoft, which is now patching the flaw in its handling of certificate and cryptographic messaging functions. The vulnerability could have enabled attackers to use malicious code that would pretend to be legitimate software. Microsoft also warned all current users of Windows 7 Home Basic, Home Premium, Professional or Ultimate to upgrade immediately. Continue reading NSA Discovers Windows Vulnerability — and Tells Microsoft

In response to a lawsuit from FairPlay, a coalition of major broadcasting and telco companies, the Canadian Federal Court issued its first pirate site blocking order. The order requires major ISPs to block the domains/IP addresses of GoldTV, a pirate IPTV service, and also opens the door to a more comprehensive push to block other pirate sites. FairPlay also wants to see the implementation of a national pirate site-blocking initiative. CRTC, Canada’s telco regulator, denied the first request, saying it had no jurisdiction. Continue reading Canadian Federal Court Issues Pirate Site Blocking Measure

After announcing its purchase of Eero last month, Amazon said the deal with the company, which makes easy-to-use Internet routers, just closed. According to Amazon senior vice president of devices and services David Limp, Eero will continue to be its own entity within Amazon, similar to Ring and Blink. Eero sells a package of one second-generation hub and two beacons for $400, which was discounted by $100 on the first day of the announcement. The package is enough to connect hardware in an apartment or small home. Continue reading Amazon, Eero Stress Privacy Policies Will Remain the Same