Ruhr University Bochum
PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)
There are now several public proof-of-concept (PoC) exploits for a maximum-severity vulnerability in the Erlang/OTP SSH server (CVE-2025-32433) unveiled last week. “All …
SCARF cipher sets new standards in protecting sensitive data
A group of international researchers has achieved a breakthrough in computer security by developing a new and efficient cipher for cache randomization. The cipher, designed by …
Satellites lack standard security mechanisms found in mobile phones and laptops
Researchers from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security in Saarbrücken have assessed the security mechanisms of satellites currently …
How to combat hardware Trojans by detecting microchip manipulations
Not only do security vulnerabilities lurk within software, but they can also be embedded directly into hardware, leaving technical applications open to widespread attack. For …
Vulnerability in DJI drones may reveal pilot’s location
Serious security vulnerabilities have been identified in multiple DJI drones. These weaknesses had the potential to allow users to modify crucial drone identification details …
Apache OpenOffice users should upgrade to newest security release!
The Apache Software Foundation (ASF) has released Apache OpenOffice 4.1.11, which fixes a handful of security vulnerabilities, including CVE-2021-33035, a recently revealed …
Alexa Skills: Security gaps and data protection problems
With the voice commands “Alexa Skills,” users can load numerous extra functions onto their Amazon voice assistant. Amazon screens special voice assistant functions for …
PDFex attacks can exfiltrate content from encrypted PDF documents
Researchers from Ruhr University Bochum and Münster University of Applied Sciences have devised new attacks allowing them (and potential attackers) to recover the plaintext …
PDF viewers, online validation services vulnerable to digital signature spoofing attacks
Academics from Ruhr University Bochum have proven that the majority of popular PDF viewer apps and online digital signature validation services can be tricked into validating …
Networking vendors patch against new cryptographic attack
Vulnerable IPSec IKE implementations used in Cisco, Huawei, ZyXel and Clavister networking devices can allow attackers to retrieve session keys and decrypt connections, …
New LTE attacks can reveal accessed websites, direct victims to malicious sites
Three new attacks against the LTE 4G wireless data communications technology have been pinpointed by researchers from Ruhr University Bochum and New York University Abu Dhabi. …
Joomla update fixes high risk bug that could lead to site compromise
The developer team behind the popular open-source content management system Joomla is urging users to update the software to the latest version – v3.3.6 (or v3.2.7 for …