WDTV Live SMP Remote Password Reset Exploit (for starters…)

WDTV Live Streaming Media Player release 2.03.20 (and likely earlier) contains a weakness that allows an unauthenticated attacker to change the web management password to a value of their choice. Nothing earth-shattering here, just a failure to validate that a POST request contains the correct validated headers that an authenticated user should have before processing the…

Hacking people in business

Just returned home after a quick business trip to the Middle East. The temperature was solid, the trip went smoothly and the delegation achieved what it set out to accomplish.But I was reminded that the operational effectiveness of an enterprise information security program has a strong correlation to the seniority of those who support it in…