- Security Blog
- By Catalin Cimpanu
- October 11th, 2015
Netgear Router Bug Allows Attackers to Redirect Web Traffic Through Their Servers
Netgear fixed its firmware but has not yet released it
- Security
- By Catalin Cimpanu
- October 9th, 2015
Apple Bans Some Ad Blockers from the App Store for Breaking User Privacy and Wrecking SSL Security
Some ad blockers were performing an MitM attack and rerouting user Web traffic through external servers
- Security
- By Ionut Ilascu
- June 30th, 2015
Millions of Xiaomi Users Potentially at Risk from Security Flaw in Mi Market App
Company patches glitch but risk still exists
- Security
- By Ionut Ilascu
- June 29th, 2015
LG’s Update Center App Fails to Check Server’s SSL Certificate, MitM Risk
Attacker can push malicious apps as part of update routine
- Security
- By Ionut Ilascu
- June 24th, 2015
Instapaper Android App Does Not Validate Certificates for Secure Communication
Risk of losing login data in man-in-the-middle attack
- Security
- By Ionut Ilascu
- June 12th, 2015
Apple Fixed a Nasty MitM Vulnerability in the Latest watchOS
Details emerge on DoubleDirect risk in Apple Watch
- Security
- By Ionut Ilascu
- May 2nd, 2015
MySQL Vulnerability Allows Client to Send Data via Unencrypted Connection
Flaw is exploitable via man-in-the-middle attacks
- Security
- By Ionut Ilascu
- April 28th, 2015
Popular Apps in Google Play Fail Certificate Validation, Expose User Credentials
Sensitive user data can be intercepted via trivial MitM
- Security
- By Ionut Ilascu
- April 25th, 2015
Over 25,000 iOS Apps Affected by Bug Breaking HTTPS
Apps from major developers are impacted by the flaw
- Security
- By Ionut Ilascu
- April 23rd, 2015
Net Nanny Parental Control Software Vulnerable to HTTPS Spoofing
Installations use shared private key and root certificate
- Security
- By Ionut Ilascu
- April 21st, 2015
iOS Apps Vulnerable to HTTPS Data Decryption
Millions of users are potentially affected
- Security
- By Ionut Ilascu
- April 14th, 2015
18-Year-Old Windows Glitch Revived to Steal Login Credentials
Security flaw affects products of 31 vendors, no fix yet
- Security
- By Ionut Ilascu
- February 26th, 2015
Signs of Superfish-like MitM Attacks Discovered in the Wild
More than 1,600 domains have been discovered
- Security
- By Ionut Ilascu
- February 23rd, 2015
Comodo’s PrivDog Breaks HTTPS Security Possibly Worse than Superfish
Non-valid certs signed by self-generated root certificate
- Editorials
- By Ionut Ilascu
- February 23rd, 2015
Lenovo’s Superfish Super-Blunder
It should not have happened in the first place
- Security
- By Ionut Ilascu
- February 21st, 2015
Lenovo, Microsoft Move to Make Superfish Super Gone
Root certificate completely eliminated on Windows
- Security
- By Ionut Ilascu
- February 20th, 2015
44,000 Superfish MitM Certificates Found in Mozilla Firefox
A separate certificate store does not eliminate the risk