Netgear router vulnerability issue and bugs in Linux app: IT leaders need to be aware.
Debian an Linux distro developers were recommended that Cryptkeeper will be removed from the operating system after a critical bug which is a single character decryption password. The app’ s developer appears to have abandoned the project, reports The Register. A Debian developer, Simon McVitte, said in an email about the issue that a false sense of security that is worse than not encrypting at all at currently.
Threatpost reports that potentially more than one million Netgear routers contain a pair of vulnerabilities that could allow an attacker to retrieve management passwords for the devices. Netgear has released updates for 20 models, and has provided a workaround for an additional dozen that will not get updates.
VMware has issued to correct two vulnerabilities which is updates to its AirWatch Inbox and Agent for Android. AirWatch Agent for Android contains a vulnerability that during enrollment it may allow a device to bypass root detection, and AirWatch Inbox for Android’ s vulnerability will decrypt the local data used by the application which is allowed by a rooted device. Those updates are available in the Google Play store.
http://www.netgear.com/about/security/.
http://www.netgear.com/home/discover/apps/genie.aspx
https://bugcrowd.com/netgear