Tag: vulnerabilities

March 11, 2019

Serious vulnerabilities found in high-end car alarms could have been exploited to remotely hack millions of vehicles, including to track them, immobilize them and spy on their owners. Researchers at UK-based penetration testing and cybersecurity firm Pen Test Partners have […]

February 27, 2019

Security experts from Rice University in the United States, University of Cambridge in the United Kingdom, and SRI International, have discovered a new set of security vulnerabilities that can be exploited by attackers via Thunderbolt, the hardware interface created by […]

February 26, 2019

Cybercriminals are looking for ways to use trusted devices to gain control of Internet of Things (IoT) devices via password cracking and exploiting other vulnerabilities, such as through the exploitation via voice assistants, according to the latest Mobile Threat Report […]

February 26, 2019

Academics from Ruhr University Bochum have proven that the majority of popular PDF viewer apps and online digital signature validation services can be tricked into validating invalid signatures or validating signatures on documents that have been modified after having been […]

February 20, 2019

Chip makers’ focus on performance has left microprocessors open to numerous side-channel attacks that cannot be fixed by software updates – only by hard choices. Side-channel attacks such as the Spectre family of vulnerabilities are more widespread threat than previously […]

February 12, 2019

runc, a building-block project for the container technologies used by many enterprises as well as public cloud providers, has patched a vulnerability that would allow root-level code-execution, container escape and access to the host filesystem. Discovered by researchers Adam Iwaniuk […]

February 4, 2019

People who purchase Internet of Things (IoT) devices, such as Nest thermostats and security cameras, likely don’t realize the potential problems that can arise if the services go down, like they did recently with Nest thermostats — making it impossible […]

January 15, 2019

Researchers hacked the Docker test platform called Play-with-Docker, allowing them to access data and manipulate any test Docker containers running on the host system. The proof-of-concept hack does not impact production Docker instances, according to CyberArk researchers that developed the […]

January 14, 2019

A penetration testing tool published by Polish security researcher Piotr Duszyński can bypass login protections for accounts protected by two-factor authentication (2FA). In his write-up on the tool, (which is dubbed Modlishka, meaning “mantis” in English), he asked, “is 2FA […]

January 10, 2019

Should we pump the brakes on the rollout of biometric security to first consider whether we are creating new vulnerabilities? This year thousands of consumers unwrapped new smartphones and laptops which come with biometric sensors that are intended to protect […]