QuarkslaB Dynamic binary Instrumentation: QBDI

QuarkslaB Dynamic binary Instrumentation QBDI is a modular, cross-platform and cross-architecture DBI framework. It aims to support Linux, macOS, Android, iOS and Windows operating systems running on x86, x86-64, ARM and AArch64 architectures. Information about what is a DBI framework and how QBD...

Smart Devices Can Be Hijacked to Track Your Body Movements And Activities Remotely

If your smartphones, tablets, smart refrigerators, smart TVs and other smart devices are smart enough to make your life easier, their smart behavior could also be leveraged by hackers to steal data, invade your privacy or spy on you, if not secured properly. One such experiment has recently been...

Building a Car Hacking Development Workbench: Part 3

Welcome back to the car hacking development workbench series. In part two we discussed how to read wiring diagrams. In part three, we are going to expand on the workbench by re-engineering circuits and replicate signals used in your vehicle. If this is your first time stumbling across this write...

Google Changes How it Analyzes Misbehaving Mobile Apps

Mobile apps in the Google Play store are categorized by their purpose, i.e., productivity or games. But there is a science to how apps are arranged, in particular around security and privacy features, and especially in holding back those apps whose behaviors pose a risk to mobile users. Google on...

Using Ultrasonic Beacons to Track Users

I've previously written about ad networks using ultrasonic communications to jump from one device to another. The idea is for devices like televisions to play ultrasonic codes in advertisements and for nearby smartphones to detect them. This way the two devices can be linked. Creepy, yes. And als...

Jumping Airgaps with a Laser and a Scanner

Researchers have configured two computers to talk to each other using a laser and a scanner. Scanners work by detecting reflected light on their glass pane. The light creates a charge that the scanner translates into binary, which gets converted into an image. But scanners are sensitive to any...

Brute Force AM/OOK (ie: Garage Doors)

Post Module for HWBridge RFTranscievers. Brute forces AM OOK or raw binary signals. This is a port of the rfpwnon tool by Corey Harding. https://github.com/exploitagency/github-rfpwnon/blob/master/rfpwnon.py This module requires Metasploit: https://metasploit.com/download Current source:...

Sends Beacons to Scan for Active ZigBee Networks

Post Module to send beacon signals to the broadcast address while channel hopping This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sends Beacons to Scan for Active ZigBee Networks', 'Description...

UBUNTU-CVE-2010-5328

include/linux/inittask.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service system crash by leveraging access to this process group...

USN-3116-1: DBus vulnerabilities

It was discovered that DBus incorrectly validated the source of ActivationFailure signals. A local attacker could use this issue to cause a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2015-0245 It was discovered that DBus incorrectly handled certain...

CAN bus analysis tool: Kayak

CAN bus analysis tool Kayak is a application for CAN bus diagnosis and monitoring. Its main goals are a simple interface and platform independence. Kayak is implemented in pure Java and has no platform specific dependencies. It includes a complete CAN bus abstraction model that can be included in...

Hey, Poker Face — This Wi-Fi Router Can Read Your Emotions

Are you good at hiding your feelings? No issues, your Wi-Fi router may soon be able to tell how you feel, even if you have a good poker face. A team of researchers at MIT's Computer Science and Artificial Intelligence Laboratory CSAIL have developed a device that can measure human inner emotional...

How to Leak Data From Air Gapped Computers With USB Devices

Researchers at Ben-Gurion University of Negev have found a way to take a run-of-the-mill USB device and use it to leak data from an air-gapped computers via RF signals. Academics with the school’s Cyber Security Research Labs division claim they’ve come up with software, dubbed USBee, that can...

Keystroke Recognition Uses Wi-Fi Signals To Snoop

A group of academic researchers have figured out how to use off-the-shelf computer equipment and a standard Wi-Fi connection to sniff out keystrokes coming from someone typing on a keyboard nearby. The keystroke recognition technology, called WiKey, isn’t perfect, but is impressive with a reporte...

What is Defcon

The first year I attended, I was lucky enough to identify interesting wireless signals with a distinct sound - that of the POCSAG and FLEX protocols. Decoding these signals revealed party invites to the Telephreak party where I listened to raw, uncensored lightning talks covering topics from car...

Academics Devise New Way to Steal Data from Air-Gapped Computers

Stealing data from air-gapped computers is one of the great exercises in computer security: advanced attackers covet what’s stored on these isolated machines, while researchers try to figure out the novel ways adversaries could jump those gaps. The latest effort doesn’t involve USBs, heat,...

New Hack Uses Hard Drive's Noise to Transfer Stolen Data from Air-Gapped Computer

Air-gapped computers that are isolated from the Internet and other computers are long considered to be the most secure and safest place for storing data in critical infrastructures such as industrial control systems, financial institutions, and classified military networks. However, these systems...

Edward Snowden Designs an iPhone Case to Detect & Block Wireless Snooping

We just cannot imagine our lives without smartphones, even for a short while, and NSA whistleblower Edward Snowden had not owned a smartphone since 2013 when he began leaking NSA documents that exposed the government's global surveillance program. Snowden fears that cellular signals of the...

Apple Patents Technology to remotely disable your iPhone Camera at Concerts

Here's something you'll not like at all: Apple has been awarded a patent for technology that would prevent you from snapping pictures and shooting videos with your iPhone or iPad at places or events, like concerts or museums, where it might be prohibited or inappropriate. The patent, granted on...

HackerOne: Signals get affected once reports closed as self

According to your documentation "https://hackerone.com/blog/introducing-signal-and-impact" Examples ActivityReputation Report Self close as N/A : 0 . its means Signals are not affected . But our case signal affected by self-closed reports Signals doesn't take the 0 baseline into consideration for...