It's what we all assumed, but quietly hoped wasn't quite this bad.
Lazy makers of home routers and the Internet of Things are reusing the same small set of hardcoded security keys, leaving them open to hijacking en masse, researchers have warned.
DELL isn't having a good week. A second root certificate has been found on its PCs and laptops, that could leave users' personal information vulnerable to hackers.
The second certificate, called DSDTestProvider, is installed by an application called Dell System Detect (DSD), which users are prompted to download and install when they visit the Dell support website.
Just under a week after Starwood Hotels revealed that its payment system had been compromised by malware, American hospitality conglomerate, Hilton Worldwide, has confirmed that its system was hit by a similar attack.
Major U.S. computer company Dell Inc [DI.UL] said on Monday a security hole exists in some of its recently shipped laptops that could make it easy for hackers to access users’ private data.
A pre-installed program on some newly purchased Dell laptops that can only be removed manually by consumers makes them vulnerable to cyber intrusions that may allow hackers to read encrypted messages and redirect browser traffic to spoofs of real websites such as Google or those belonging to a bank, among other attacks.
Just in time for the holidays, researchers at iSIGHT Partners are warning retailers about ModPOS -- malware in their point-of-sale systems that is nearly impossible to detect, can do a whole lot more than just scrape customers' credit card data, and has already successfully breached U.S. retailers.
"This is by far the most sophisticated PoS malware I've ever seen," says Maria Noboa, senior threat analyst at iSight.