Ripple20 zero-day vulnerabilities impact hundreds of millions of IoT devices

Security researchers have identified a series of 19 zero-day vulnerabilities in a lightweight TCP/IP stack library used in many IoT products. The vulnerabilities dubbed Ripple20 likely impact hundreds of millions of IoT devices.

Continue Reading Ripple20 zero-day vulnerabilities impact hundreds of millions of IoT devices

GnuTLS patches TLS vulnerability that could cause MITM attack

The GNU Transport Layer Security Library (GnuTLS) patched a vulnerability hidden in code for nearly two years. The issue applies to a flaw in how TLS 1.3 session resumption works without a master key. As a result, an attacker could exploit and launch man-in-the-middle (MITM) attacks.

Continue Reading GnuTLS patches TLS vulnerability that could cause MITM attack