Arduino Codes Free - External URLs, MIT license, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Arduino Codes Free published at the 'play' market has multiple vulnerabilities...

Linux snd-usb-audio Denial Of Service

OS-S Security Advisory 2016-17 Linux snd-usb-audio Multiple Free Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes multiple free on invali...

Linux digi_acceleport Null Pointer Dereference

OS-S Security Advisory 2016-12 Linux digiacceleport Nullpointer Dereference Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid U...

Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'aiptek' Nullpointer Dereference

Exploit for linux platform in category dos / poc Linux aiptek Nullpointer Dereference Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: CVE-2015-7515 CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on...

Credit Card Magstripe Spoofer: MagSpoof

MagSpoof is a device that can spoof/emulate any magnetic stripe or credit card. It can work “wirelessly”, even on standard magstripe/credit card readers, by generating a strong electromagnetic field that emulates a traditional magnetic stripe card. MagSpoof does not enable you to use credit cards...

This Guy Builds A Thor-Like Hammer that Only He Can Pick Up

If you have watched the most recent Avengers movie, then you would be aware of a scene where all the superheroes Iron Man, War Machine, Hawkeye, and Captain America take turns to lift Thor’s hammer but fail. Someone has an explanation, Why? Inspired by Thor's legendary hammer Mjolnir that is not...

Arduino JSON 'extractFrom' function denial of service vulnerability

Arduino JSON is a JSON library that runs on embedded systems. A security vulnerability in the 'extractFrom' function in the Internals/QuotedString.cpp script for Arduino JSON allows a remote attacker to submit a JSON string with a special termination character followed by the ' \ ' character afte...

Buffer overflow

The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service crash via a JSON string with a \ backslash followed by a terminator, as demonstrated by "\\0", which triggers a buffer overflow and over-read...

CVE-2015-4590

The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service crash via a JSON string with a \ backslash followed by a terminator, as demonstrated by "\\0", which triggers a buffer overflow and over-read...

CVE-2015-4590

CVE-2015-4590 concerns the Arduino JSON library. The accessible details specify: in the library version before 4.5, the extractFrom function in Internals/QuotedString.cpp is vulnerable to a denial of service when processing a JSON string that contains a backslash followed by a terminator (e.g., "...

CVE-2015-4590

The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service crash via a JSON string with a \ backslash followed by a terminator, as demonstrated by "\\0", which triggers a buffer overflow and over-read...

This 3D Printed Robot Cracks Combination Locks in Less than 30 Seconds

Be careful while leaving your important and valuable stuff in your lockers. A 3D printed robot has arrived that can crack a combination lock in as little as 30 seconds. So, it’s time to ditch your modern combination locks and started keeping your valuable things in a good old-fashioned locker wit...

How a $10 USB Charger Can Record Your Keystrokes Over the Air

Hardware hacker and security researcher Samy Kamkar has released a slick new device that masquerades as a typical USB wall charger but in fact houses a keylogger capable of recording keystrokes from nearby wireless keyboards. The device is known as KeySweeper and Kamkar has released the source co...

KeySweeper — Arduino-based Keylogger for Wireless Keyboards

Security researcher has developed a cheap USB wall charger that is capable to eavesdrop on almost any Microsoft wireless keyboard. MySpace mischief-maker Samy Kamkar has released a super-creepy keystroke logger for Microsoft wireless keyboards cunningly hidden in what appears to be a rather cheap...

16-year-old Invents Device that Can Convert Breath to Speech

A High-school student Arsh Shah Dilbagi has invented a portable and affordable device that converts breath into speech, helping people suffering from different developmental disabilities like locked-in syndrome, Parkinson's, or ALS to communicate using only their breath. A 16-year-old Dilbagi who...

Havex, It’s Down With OPC

FireEye recently analyzed the capabilities of a variant of Havex referred to by FireEye as “Fertger” or “PEACEPIPE”, the first publicized malware reported to actively scan OPC servers used for controlling SCADA Supervisory Control and Data Acquisition devices in critical infrastructure e.g., wate...

[BlackArch] Linux Distribution with 600 Security Tools

BlackArch Linux is a lightweight expansion to Arch Linux for penetration testers and security researchers. The repository contains 630 tools. You can install tools individually or in groups. BlackArch is compatible with existing Arch installs. Tool List: Name | Version | Description | Homepage...

Long range RFID hacking tool to be released at Black Hat

Out of necessity come many interesting inventions. Fran Brown, a year ago, was working a penetration test for an electric utility doing an assessment of its SCADA network. His first challenge was to get inside the facility, meaning, in short that he had to break in. To do so, he decided to test t...

Four million hotel locks vulnerable to 'Dry erase marker'

At Black Hat security conference this year Cody Brocious demonstrated that How a simple Dry erase marker allows him to open an Onity hotel room door lock with an Arduino, which is totally James Bond. This is just kind of scary on multiple levels, the least being that dry erase markers are one of...

BackTrack 5 R2 Released, New Kernel, New Tools

BackTrack 5 R2 Released, New Kernel, New Tools Hacker are your Ready ? Backtrack 5 R2 finally released with bug fixes, upgrades, and the addition of 42 new tools. With the best custom-built 3.2.6 kernel, the best wireless support available at maximum speed. This release have included Metasploit...