Cybersecurity

This posting is here to collect cyber security news in December 2021. I post links to security vulnerability news to comments of this article. You are also free to post related links to comments. →

Happy Max Headroom signal hijacking day!! https://en.m.wikipedia.org/wiki/Max_Headroom_signal_hijacking The Max Headroom signal hijacking occurred on the night of November 22, 1987, when the television broadcasts of two stations in Chicago, Illinois, United States, were hijacked in an act of broadcast piracy by a video of an unidentified person wearing a Max Headroom mask and costume. According →

Row hammer (also written as rowhammer) is a security exploit that takes advantage of an unintended and undesirable side effect in dynamic random-access memory (DRAM) in which memory cells interact electrically between themselves by leaking their charges, possibly changing the contents of nearby memory rows that were not addressed in the original memory access. The →

First CWE Security Report Highlights the “Most Important Hardware Weaknesses” of 2021 has been released. “The goals for the 2021 Hardware List are to drive awareness of common hardware weaknesses through CWE, and to prevent hardware security issues at the source by educating designers and programmers on how to eliminate important mistakes early in the →

The United States Cybersecurity and Infrastructure Security Agency (CISA) warned last week on proof-of-concept (PoC) code for the BrakTooth Bluetooth vulnerabilities now being publicly available. BrakTooth is the name researchers with the Singapore University of Technology and Design gave to a set of roughly two dozen vulnerabilities in commercial Bluetooth Classic (BT) stacks and which →

This posting is here to collect cyber security news in November 2021. I post links to security vulnerability news to comments of this article. You are also free to post related links to comments. →

LANtenna hack spies on your data from across the room! (Sort of) post tells that Mordechai Guri from the Ben Gurion University of the Negev (BGU) in Israel has recently published a new data exfiltration’ paper detailing an unexpectedly effective way of sneaking very small amounts of data out of a cabled network without using →

Let’s take look at a modern credit card and the nifty electronics it contains. Modern credit cards contains a micro-controller that is connected to the credit card chip contacts and on cards with wireless payment also to an antenna coil inside the card. On the surface the chip inside a card is a typical micro →

OWASP updates top 10 vulnerability ranking for first time since 2017 https://www.zdnet.com/article/owasp-updates-top-10-vulnerability-ranking-for-first-time-since-2017/ “Nonprofit foundation Open Web Application Security Project (OWASP) has released an updated draft of its ranking of the top 10 vulnerabilities, the first changes to the list since November 2017.” The list is available on-line at https://owasp.org/Top10/ Maybe the most significant change in →

Monday October 2021 was an Internet outage day. Many Facebook users faced outage and felt they had “internjet” instead of Internet. Also ePanorama.net has few hours outage. ePanorama.net went down few hours earlier. When I got my server up, in few hours Facebook was able to get their site up. Interesting correlation, but correlation does →