vulnerability
IE8 0-day used in watering hole attacks
Last week a U.S. Department of Labor website was discovered to be redirecting users to sites serving a hard-to-detect variant Poison Ivy backdoor Trojan. Researchers are now …
Top Android AV software fooled by common evasion techniques
A team of researchers from Northwestern University and North Carolina State University have tested ten of the most popular Android anti-virus software and have discovered that …
IT security risks of features in connected cars
In an effort to provide new conveniences as well as meet physical security standards, many new consumer vehicles are offering more complex features. Click the image to view …
Poor Skype account verification allows account hijacking
A security researcher and hacker that does by the online handle of TibitXimer claims that his Skype account has been hijacked six times in one day due to Skype’s poor …
Wireless hack attacks target critical infrastructure
Critical infrastructure control systems are at risk from wireless attacks carried out over Software Defined Radio (SDR), according to Digital Assurance. Critical network …
Widely used routers easy to hack even by remote attackers
Security researchers from Independent Security Evaluators have tested thirteen widely used small office/home office routers and wireless access points, and have discovered …
Most corporate computers missing critical software updates
87 percent of corporate computers are missing critical software updates that could threaten business security, according to F-Secure data from around 200,000 workstations …
Oracle plugs a host of critical Java vulnerabilities
Oracle’s Java SE Critical Patch Update for April 2013 contains 19 CVEs with CVSS base score of 10 (the highest you can go) indicating that exploiting the vulnerability …
FAA and EASA say hijacking planes using an app is not possible
The big news last week was that, according to researcher Hugo Teso, it is possible for malicious individuals to take control of an airplane using a special framework and an …
Hijacking airplanes with an Android phone
An extremely well attended talk by Hugo Teso, a security consultant at n.runs AG in Germany, about the completely realistic scenario of plane hijacking via a simple Android …
Thousands of Amazon S3 buckets left open exposing private data
Cloud hosting and cloud storage is all the rage, but there are still some common pitfalls that many organizations overlook. In this article I will walk through an issue that …
Cisco devices saddled with weakened password encryption
Instead of improving it, an implementation issue has left a “limited” number of Cisco IOS and Cisco IOS XE releases with a weaker password hashing algorithm, …