AirHopper — Hacking Into an Isolated Computer Using FM Radio Signals

In order to secure sensitive information such as Finance, many companies and government agencies generally use totally secure computer systems by making sure it aren't connected to any network at all. But the most secure systems aren't safe anymore. Security researchers at the Cyber Security Labs...

openssh security, bug fix, and enhancement update

5.3p1-104 - ignore SIGXFSZ in postauth monitor child 1133906 5.3p1-103 - don't try to generate DSA keys in the init script in FIPS mode 1118735 5.3p1-102 - ignore SIGPIPE in ssh-keyscan 1108836 5.3p1-101 - ssh-add: fix fatal exit when removing card 1042519 5.3p1-100 - fix race in backported...

Fedora 21 : mksh-50c-1.fc21 (2014-12210)

R50c is a security fix release : - Know more rare signals when generating syssigname replacement - OpenBSD sync mostly RCSID only - Document HISTSIZE limit; found by luigi345 on IRC - Fix link to Debian .mkshrc - Cease exporting $RANDOM Debian 760857 - Fix C99 compatibility - Work around klibc bu...

Fedora 19 : mksh-50c-1.fc19 (2014-12235)

R50c is a security fix release : - Know more rare signals when generating syssigname replacement - OpenBSD sync mostly RCSID only - Document HISTSIZE limit; found by luigi345 on IRC - Fix link to Debian .mkshrc - Cease exporting $RANDOM Debian 760857 - Fix C99 compatibility - Work around klibc bu...

Hacking Traffic Lights is Amazingly Really Easy

Hacking Internet of Things IoTs have become an amazing practice for cyber criminals out there, but messing with Traffic lights would be something more crazy for them. The hacking scenes in hollywood movies has just been a source of entertainment for the technology industry, like we've seen traffi...

RHEL 6 : MRG (RHSA-2013:0829)

Updated kernel-rt packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise MRG 2.3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Improving the URL bar

iOS has hidden the pathname of URLs for some time now, but recently Chrome Canary introduced something similar behind a flag. I'm not involved in the development of Chrome experiment at all, but I've got more than 140 characters worth of opinion on it… We have a real security problem I recently...

Navy's Cyberwar Expert - New Director of NSA, replacing Gen. Keith Alexander

It is very clear that when we talk about Intelligence and Surveillance, the first name comes to our mind is the U.S National Security Agency NSA and, the second is Gen. Keith Alexander, the Director of NSA..GEEK behind the massive surveillance Programs. Many documents revealed by the former NSA’s...

Oracle linux 5 kernel update

kernel 2.6.18-371 - net be2net: enable polling prior enabling interrupts globally Ivan Vecera 987539 2.6.18-370 - net be2net: Fix to avoid hardware workaround when not needed Ivan Vecera 995961 - kernel signals: stop info leak via tkill and tgkill syscalls Oleg Nesterov 970875 CVE-2013-2141...

Oracle Linux 5 : kernel (ELSA-2013-1292)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-1292 advisory. - kernel signals: stop info leak via tkill and tgkill syscalls Oleg Nesterov 970874 970875 CVE-2013-2141 - net ipv6: do udppushpendingframes AFINET soc...

kernel security and bug fix update

kernel 2.6.18-348.18.1 - net be2net: enable polling prior enabling interrupts globally Ivan Vecera 1005239 987539 - kernel signals: stop info leak via tkill and tgkill syscalls Oleg Nesterov 970874 970875 CVE-2013-2141 - net ipv6: do udppushpendingframes AFINET sock pending data Jiri Benc 987647...

Frequently Unanswered Questions on the NSA Leaks

The flood of documents regarding the NSA’s collection methods and capabilities that have been leaked this summer has produced thousands of news stories and several metric tons of speculation about what it all means. But for all of the postulating, analysis and reporting, there are still a lot of...

Snowden-Leaked NSA Budget Shows Code-Breaking Investments

New documents leaked by Edward Snowden quantify the resources supporting an extensive intelligence community crypto-cracking program. Tens of thousands of people and billions of dollars are behind the Consolidated Cryptologic Program, as reported yesterday by The Washington Post. Signals...

Exploiting GPS vulnerability to Hijack Ships, Airplanes with $3000 Equipments

The GPS expert Todd Humphreys, professors at the University of Texas, demonstrated that just using a cheap apparatus composed by a small antenna, an electronic GPS “spoofer” built in $3,000 and with a laptop, it is possible to exploit GPS vulnerability to obtain control of sophisticated navigatio...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2013:1051 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring...

Hijacking plane's navigation system with an Android app, Researcher claimed

It is a terrifying prospect, a hack that allows an attacker to take control of plane navigation and cockpit systems has been revealed at a security conference in Europe. This was demonstrated by Hugo Teso, a researcher at security consultancy N.Runs in Germany who's also a commercial airline pilo...

CVE-2013-0292

The dbusgproxymanagerfilter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal...

CVE-2013-0292

The dbusgproxymanagerfilter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal...

CVE-2013-0292

The dbusgproxymanagerfilter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal...

Intercepting Traffic of widerange frequencies with HackRF Radio

At the ToorCon hacker conference in San Diego Saturday, Ossmann and his research partner Jared Boone plan to unveil a beta version of the HackRF Jawbreaker, the latest model of the wireless Swiss-army knife tools known as software-defined radios. It grants any computer programmer the ability to...