This looks like a nasty vulnerability. It seems that a newly found critical 17-years-old remote code execution (RCE) vulnerability could open nearly all popular #Linux based operating systems and many embedded devices to remote hackers. Many widely-used Linux distributions have already been confirmed impacted. Hacker news writes: The US-CERT today issued advisory warning users of →
This posting is here to collect cyber security news in March 2020. I post links to security vulnerability news with short descriptions to comments section of this article. If you are interested in cyber security trends, read my Cyber security trends 2020 posting. You are also free to post related links to comments. →
This week there has been news on problems with high profile mobile apps for politics and aviation. Iowa has already won the worst IT rollout award of 2020: Rap for crap caucus app chaps in vote zap flap Untested tech, no training, last-minute rollout, buggy code – sound familiar? https://www.theregister.co.uk/2020/02/04/iowa_caucus_software/ ‘We Feel Really Terrible,’ Says →
This posting is here to collect cyber security news in February 2020. I post links to security vulnerability news with short descriptions to comments section of this article. If you are interested in cyber security trends, read my Cyber security trends 2020 posting. You are also free to post related links to comments. →
Software-defined radio (SDR) technology can be used for many interesting technical experiments. With listening only SDR you can do many interesting things, but having a SDR that can also transmit opens many new doors. Here are some interesting videos related to SDR and cyber security: Universal Radio Hacker – Replay Attack With HackRF Download here: →
This posting is here to collect cyber security news in January 2020. I post links to security vulnerability news to comments of this article. If you are interested in cyber security trends, read my Cyber security trends 2020 posting. You are also free to post related links to comments. →
Nothing is more difficult than making predictions. Instead of trowing out wild ideas what might be coming, will be making educated guesses based on what has happened during the last 12 months and several years before that. The past year has seen a rapid increase in the adoption of up-and-coming technologies. Everyday items are getting →
Now there are two attack vectors to send commands to voice assistant from distance without anyone in the room hearing: ultrasounds and laser. Audio Hotspot Attack Crosses the Ultrasonic Beams to Send Silent Commands to Voice Assistants https://www.hackster.io/news/audio-hotspot-attack-crosses-the-ultrasonic-beams-to-send-silent-commands-to-voice-assistants-6d386644111b Lasers Can Take Over Voice Assistant Systems From Long Distances, Research Finds https://securitytoday.com/articles/2019/11/06/laser-hack-alexa-voice-assistants.aspx?m=1 https://news.umich.edu/a-laser-pointer-could-hack-your-voice-controlled-virtual-assistant/ From a distance →
This is a pretty interesting hardware hacking article: https://www.bunniestudios.com/blog/?p=3554 Some SD cards contain vulnerabilities that allow arbitrary code execution — on the memory card itself. On the dark side, code execution on the memory card enables a class of MITM (man-in-the-middle) attacks, where the card seems to be behaving one way, but in fact it →
The EU’s cyber security agency ENISA has published “ENISA threat landscape for 5G Networks” report that draws an initial threat landscape and presents an overview of the challenges in the security of 5G networks. It presents 5G architecture, the identification of important assets, the assessment of threats affecting 5G, the identification of asset exposure and →