IoT and Privacy: a report by BITDEFENDER

/ März 25, 2016/ IoT News&Updates/ 0Kommentare

BITDEFENDER has released a report about 4 well-known IoT devices (a WeMo Switch, a Lifx Bulb, a LinkHub and a MUZO Cobblestone Wi-Fi Audio). The findings shouldn’t be new to anyone, but are quite interesting. The full report can be found here:

TVT DVRs vulnerable to RCE

/ März 24, 2016/ IT Security News&Updates/ 0Kommentare

According to, some DVRs manufactured by TVT (and we suspect other IP-enabled devices too) are susceptible to a RCE (Remote-Code-Execution) attack. In computer security, arbitrary code execution is used to describe an attacker’s ability to execute any commands of the attacker’s choice on a target machine or in a target process. It is commonly used in arbitrary code execution vulnerability


Web Application Firewall (WAF)

/ November 12, 2015/ IT Security News&Updates/ 0Kommentare

What is a waf? A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked. Any example? ModSecurity is an open


DATA exfiltration: the DNS way

/ November 11, 2015/ IT Security News&Updates/ 0Kommentare

DNS is one of those things that usually work everywhere, anywhere, even if there’s a firewall or a security solution in place. An interesting article to read about this can be found here: