536 matches found

The Hacker News
added 2020/07/24 8:56 a.m. | 66 views

Researchers Reveal New Security Flaw Affecting China's DJI Drones

Cybersecurity researchers on Thursday revealed security issues in the Android app developed by Chinese drone-maker Da Jiang Innovations (DJI) that comes with an auto-update mechanism that bypasses Google Play Store and could be used to install malicious applications and transmit sensitive personal...

7.2 AI score
Exploits: 0

Malwarebytes
added 2020/04/28 3:15 p.m. | 57 views

Switching from a “Just in Time” delivery system should include planning ahead

As it becomes clear that some things will never again be the same after the global coronavirus pandemic, it is time to prepare for the future. The cybersecurity implications of upcoming changes will be most noticeable in organizations that rely on security models like the software defined...

7.2 AI score
Exploits: 0

0day.today
added 2020/04/11 12:0 a.m. | 40 views

Linux 5.3 Insecure Root Path Handling Exploit

Linux versions 5.3 and above appear to have an issue where io_uring suffers from insecure handling of the root directory for path lookups. Linux >=5.3: io_uring: insecure handling of root directory for path lookups When I saw today, I realized that this is not just a small correctness issue, but als...

0.3 AI score
Exploits: 0

Talos Blog
added 2020/03/20 7:16 a.m. | 22 views

Beers with Talos Ep. #75: Now That Coronavirus Made a Global WFH Policy...

Beers with Talos (BWT) Podcast episode No. 74 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded March 13, 2020 Of course, we have to talk about the implications of coronavirus. It's affecting the way business...

1 AI score
Exploits: 0

Malwarebytes
added 2020/03/12 6:2 p.m. | 42 views

Coronavirus impacts security conferences and events: check your schedule

With coronavirus starting to take hold globally, international travel restrictions are kicking in and more workplaces are advising to work from home whenever possible. When self-isolation is a potential solution, public gatherings are increasingly looking like a terrible idea. Events are becoming...

6.8 AI score
Exploits: 0

Schneier on Security
added 2020/02/21 11:54 a.m. | 49 views

Policy vs Technology

Sometime around 1993 or 1994, during the first Crypto Wars, I was part of a group of cryptography experts that went to Washington to advocate for strong encryption. Matt Blaze and Ron Rivest were with me; I don't remember who else. We met with then Massachusetts Representative Ed Markey. He didn'...

7.3 AI score
Exploits: 0

ThreatPost
added 2020/02/14 8:56 p.m. | 64 views

Huawei Controversy Highlights 5G Security Implications

The controversy over Huawei’s involvement in the 5G telecom gear market ratcheted up a notch this week. U.S. officials said they have evidence that the Chinese equipment giant has had access to backdoors inside mobile carrier networks for more than 10 years. Officials are trying to make the case...

7.2 AI score
Exploits: 0 | References: 8

Imperva Blog
added 2020/02/13 4:0 p.m. | 24 views

I know where you rode last summer: Uncovering the security issues of shared scooter services

We recently discovered flaws in the security of shared electric scooter services that have worrying implications for the safety and privacy of their users. Not only is it possible to remotely ring the bells of scooters all over the world, but external parties are able to track the location and...

Exploits: 0

OSV
added 2020/01/18 1:10 p.m. | 3 views

OPENSUSE-SU-2020:0069-1 Security update for uftpd

This update for uftpd to version 2.11 fixes the following issues: - CVE-2020-5204: Fixed a buffer overflow in FTP PORT parser (boo#1160199). - Fixed additional bugs which could have security implications...

8.8 CVSS | 7.5 AI score | 0.00686 EPSS
Exploits: 0 | References: 3

Krebs on Security
added 2020/01/15 2:31 a.m. | 124 views

Patch Tuesday, January 2020 Edition

Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security...

5.8 CVSS | 0.3 AI score | 0.94093 EPSS
Exploits: 14

OSV
added 2019/12/16 7:30 p.m. | 26 views

GHSA-Q58G-455P-8VW9 In RubyGem excon, interrupted Persistent Connections May Leak Response Data

Impact There was a race condition around persistent connections, where a connection which is interrupted such as by a timeout would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short,...

5.8 CVSS | 5.6 AI score | 0.00556 EPSS
Exploits: 0 | References: 8

Github Security Blog
added 2019/12/16 7:30 p.m. | 65 views

In RubyGem excon, interrupted Persistent Connections May Leak Response Data

Impact There was a race condition around persistent connections, where a connection which is interrupted such as by a timeout would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short,...

5.9 CVSS | 1.8 AI score | 0.00556 EPSS
Exploits: 0 | References: 8 | Affected Software: 1

RubySec
added 2019/12/16 12:0 a.m. | 22 views

Race condition when using persistent connections

There was a race condition around persistent connections, where a connection which is interrupted such as by a timeout would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it...

5.9 CVSS | 6.7 AI score | 0.00556 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

ThreatPost
added 2019/12/11 1:0 p.m. | 142 views

Lazarus APT Collaborates with Trickbot's Anchor Project

Researchers have found evidence of a link between global crimeware organization Trickbot and North Korean APT group Lazarus, observing direct collaboration via an all-in-one attack framework developed by Trickbot called Anchor Project. The move appears to be the first time an APT group has aligne...

Exploits: 0 | References: 14

Krebs on Security
added 2019/12/04 3:51 a.m. | 57 views

The iPhone 11 Pro’s Location Data Puzzler

One of the more curious behaviors of Apple's new iPhone 11 Pro is that it intermittently seeks the user's location information even when all applications and system services on the phone are individually set to never request this data. Apple says this is by design, but that response seems at odds...

6.4 AI score
Exploits: 0

ThreatPost
added 2019/11/13 10:19 p.m. | 50 views

Consumer Data Privacy Rights: Emerging Tech Blurs Lines

LAS VEGAS – From drones to facial recognition, new technology applications are introducing unique consumer privacy issues for civil society — and U.S. lawmakers and legal teams are struggling to keep up. Privacy is a fundamental human right for consumers, but new ways in which data is collected a...

Exploits: 0 | References: 20

Qualys Blog
added 2019/10/17 2:0 p.m. | 60 views

Graboid: Revenge of the Worms

This week saw news of self-propagating worms in the container landscape to perform unsanctioned computation tasks such as cryptojacking. This blog post is intended for Qualys customers and partners to understand how such container attacks work, provide security best practice recommendations &...

10 CVSS | 9.6 AI score | 0.03031 EPSS
Exploits: 2

Hacker One
added 2019/10/03 5:19 a.m. | 42 views

Ruby: Variant of CVE-2013-0269 (Denial of Service and Unsafe Object Creation Vulnerability in JSON)

During my recent keyword argument separation work on rb_scan_args in the master branch, I discovered what I now think is a vulnerability. While the CVE-2013-0269 change fixed most usage of JSON.parse, it ended up not fixing Kernel#JSON. The reason behind this is that internally, in...

7.5 CVSS | 0.17317 EPSS
Exploits: 0

Trend Micro Simply Security
added 2019/09/20 1:5 p.m. | 41 views

This Week in Security News: Magecart Attacks and Is Your Smart TV Spying on You?

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Magecart attacks and the security implications of PSD2. Also, read about how your smart TV might be leaking your data to the lik...

7.1 AI score
Exploits: 0

ThreatPost
added 2019/09/17 3:20 p.m. | 61 views

Google Calendar Settings Gaffes Exposes Users' Meetings, Company Details

Google has come under fire for a configuration setting tied to its Google Calendar service, which has left hundreds of calendars inadvertently open to the public – and could potentially expose billions more. It’s important to note that no actual vulnerability exists in the settings of Google...

7 AI score
Exploits: 0 | References: 12