The ActiveX control provided for Axis surveillance cameras has a critical vulnerability due to a buffer overflow, according to US-CERT note #355809: Axis Communications provides an ActiveX control for viewing motion JPEG streams in Microsoft development tools and Microsoft Internet Explorer. The ActiveX control, provided by AxisCamControl.ocx, is known as “CamImage” or “Axis Camera Control.” … Continue reading Axis Camera Remote Exploit
While reading about proxy abuse I noticed someone on Digg pointing out some disturbing security issues at a “liberal arts” college in the US: Using proxies and other methods to bypass firewall restrictions, etc, aren’t just useful for viewing Myspace. I’m about to graduate from a liberal arts college with Baptist affiliations. When I started … Continue reading US education sites make Chinese network security look good
I’m speechless… Despite a market capitalization of almost $13bn, it appears the company couldn’t afford to secure its Wi-Fi network with anything more robust than the woefully inadequate Wired Equivalent Privacy protocol. (The much more secure Wi-Fi Protected Access has come standard on most routers for four years now.) It also failed to use firewalls … Continue reading Investigation reveals TJX WEP(ons) of mass destruction
Kevin Rose has announced the pressure from savvy users is a greater threat than that of the financial powerhouses and their lawyers: Occasionally we step in to remove stories that violate our terms of use (eg. linking to pornography, illegal downloads, racial hate sites, etc.). So today was a difficult day for us. We had … Continue reading Digg takes a stand