This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
11/01/2019
DNS Rebinding: A Frightening Attack Vector with Spooky Security Impacts
The State of Security
One of the greatest misconceptions about online safety is that home networks are somehow private. Unfortunately, this hasn’t been true since around the turn of the century when we started filling our home networks with Internet-connected boxes serving local web pages.
The problem is that web browsers typically make little distinction between web sites on the public internet versus those on a home or office network. This ultimately opens paths from untrusted external web content to sensitive IoT devices on a local LAN.
This is compounded by the fact that many of the embedded devices sold for home or office are designed to trust all connections coming from a home network.
Many smart home products, media streaming devices and even cameras completely lack authentication checks or have trivial authentication bypass vulnerabilities.
This is where Dolos comes into the picture. Dolos is an extensive framework for testing the impact of cross-site attacks against IoT devices.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information