Cybersecurity

Max Headroom signal hijacking

Happy Max Headroom signal hijacking day!! https://en.m.wikipedia.org/wiki/Max_Headroom_signal_hijacking The Max Headroom signal hijacking occurred on the night of November 22, 1987, when the television broadcasts of two stations in Chicago, Illinois, United States, were hijacked in an act of broadcast piracy by a video of an unidentified person wearing a Max Headroom mask and costume. According

Dynamic random flip memory

Row hammer (also written as rowhammer) is a security exploit that takes advantage of an unintended and undesirable side effect in dynamic random-access memory (DRAM) in which memory cells interact electrically between themselves by leaking their charges, possibly changing the contents of nearby memory rows that were not addressed in the original memory access. The

Hardware Weaknesses of 2021

First CWE Security Report Highlights the “Most Important Hardware Weaknesses” of 2021 has been released. “The goals for the 2021 Hardware List are to drive awareness of common hardware weaknesses through CWE, and to prevent hardware security issues at the source by educating designers and programmers on how to eliminate important mistakes early in the

Braktooth breaks Bluetooth

The United States Cybersecurity and Infrastructure Security Agency (CISA) warned last week on proof-of-concept (PoC) code for the BrakTooth Bluetooth vulnerabilities now being publicly available. BrakTooth is the name researchers with the Singapore University of Technology and Design gave to a set of roughly two dozen vulnerabilities in commercial Bluetooth Classic (BT) stacks and which

Contactless credit card secrets

Let’s take look at a modern credit card and the nifty electronics it contains. Modern credit cards contains a micro-controller that is connected to the credit card chip contacts and on cards with wireless payment also to an antenna coil inside the card. On the surface the chip inside a card is a typical micro

OWASP updates top 10

OWASP updates top 10 vulnerability ranking for first time since 2017 https://www.zdnet.com/article/owasp-updates-top-10-vulnerability-ranking-for-first-time-since-2017/ “Nonprofit foundation Open Web Application Security Project (OWASP) has released an updated draft of its ranking of the top 10 vulnerabilities, the first changes to the list since November 2017.” The list is available on-line at https://owasp.org/Top10/ Maybe the most significant change in

Big Outage Day October 4, 2021

Monday October 2021 was an Internet outage day. Many Facebook users faced outage and felt they had “internjet” instead of Internet. Also ePanorama.net has few hours outage. ePanorama.net went down few hours earlier. When I got my server up, in few hours Facebook was able to get their site up. Interesting correlation, but correlation does