Lucene search
+L

19 matches found

HackRead
HackRead
added 2023/04/04 12:20 p.m.15 views

WiFi Flaws Allow Network Traffic Interception on Linux, iOS, and Android

By Deeba Ahmed The findings are to be presented at the Usenix Security Symposium. This is a post from HackRead.com Read the original post: WiFi Flaws Allow Network Traffic Interception on Linux, iOS, and Android...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/30 1:0 a.m.48 views

Smart home assistants at risk from "NUIT" ultrasound attack

A new form of attack named "Near Ultrasound Inaudible Trojan" NUIT has been unveiled by researchers from the University of Texas. NUIT is designed to attack voice assistants with malicious commands remotely via the internet. Impacted assistants include Siri, Alexa, Cortana, and Google Assistant...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/12 6:35 a.m.4 views

New Browser Attack Allows Tracking Users Online With JavaScript Disabled

Researchers have discovered a new side-channel that they say can be reliably exploited to leak information from web browsers that could then be leveraged to track users even when JavaScript is completely disabled. "This is a side-channel attack which doesn't require any JavaScript to run," the...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/08 11:8 a.m.157 views

Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks

A new research has yielded yet another means to pilfer sensitive data by exploiting what's the first "on-chip, cross-core" side-channel attack targeting the ring interconnect used in Intel Coffee Lake and Skylake processors. Published by a group of academics from the University of Illinois at...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/02/23 10:46 a.m.7 views

Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs

Researchers have demonstrated a novel class of attacks that could allow a bad actor to potentially circumvent existing countermeasures and break the integrity protection of digitally signed PDF documents. Called "Shadow attacks" by academics from Ruhr-University Bochum, the technique uses the...

7.8CVSS7.5AI score0.02328EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/02/19 3:8 p.m.217 views

New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card

Cybersecurity researchers have disclosed a novel attack that could allow criminals to trick a point of sale terminal into transacting with a victim's Mastercard contactless card while believing it to be a Visa card. The research, published by a group of academics from ETH Zurich, builds on a stud...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2020/04/21 9:55 a.m.108 views

Unpatchable 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers

A newly discovered unpatchable hardware vulnerability in Xilinx programmable logic products could allow an attacker to break bitstream encryption, and clone intellectual property, change the functionality, and even implant hardware Trojans. The details of the attacks against Xilinx 7-Series and...

0.5AI score
Exploits0
Kitploit
Kitploit
added 2018/10/05 9:6 p.m.85 views

HeapHopper - A Bounded Model Checking Framework For Heap-implementations

HeapHopper is a bounded model checking framework for Heap-implementations. Setup sudo apt update && sudo apt install build-essential python-dev virtualenvwrapper git clone https://github.com/angr/heaphopper.git && cd ./heaphopper mkvirtualenv -ppython2 heaphopper pip install -e . Required Package...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2018/08/15 8:38 p.m.8 views

BlackIoT Botnet: Can Water Heaters, Washers Bring Down the Power Grid?

We live in a world where washing machines text us when a load of laundry is finished and refrigerators can email grocery lists; but for all the convenience, it turns out that these high-wattage appliances can potentially be marshaled into something very inconvenient indeed: A wide-scale attack on...

0.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/08/14 4:7 p.m.38 views

Researchers Break IPsec VPN Connections with 20-Year-Old Protocol Flaw

A new Bleichenbacher oracle cryptographic attack has been set loose on the world, using a 20-year-old protocol flaw to compromise the Internet Key Exchange IKE protocol used to secure IP communications. Specifically, the attack targets IKE’s handshake implementation used for IPsec-based VPN...

4.3CVSS0.4AI score0.01722EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2015/08/27 1:51 p.m.13 views

MassVet Android Malicious App Scanner

Most Android malware samples can be found clinging to some sort of knockoff to a legitimate application. Hiding in plain sight like that, sometimes they find their way into Google Play or any one of the dozens of less-patrolled Android markets. Researchers at Indiana University believe they’ve co...

7.4AI score
Exploits0References2
The Hacker News
The Hacker News
added 2015/07/16 7:47 p.m.24 views

How to Crack RC4 Encryption in WPA-TKIP and TLS

Security researchers have developed a more practical and feasible attack technique against the RC4 cryptographic algorithm that is still widely used to encrypt communications on the Internet. Despite being very old, RC4 Rivest Cipher 4 is still the most widely used cryptographic cipher implemente...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2015/07/15 2:27 p.m.17 views

New RC4 Attack Dramatically Reduces Plaintext Recovery Time

Two Belgian security researchers from the University of Leuven have driven new nails into the coffin of the RC4 encryption algorithm. A published paper, expected to be delivered at the upcoming USENIX Security Symposium next month in Washington, D.C., describes new attacks against RC4 that allow ...

7.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/08/25 12:32 p.m.5 views

Android Side-Channel Hack Leads to Data Loss at USENIX

A weakness in Android, one that’s likely also found in other leading operating systems, allows an attacker to infer what’s happening on a victim’s user interface and launch an appropriate secondary attack resulting in data loss. Researchers from the University of Michigan and the University of...

1.6AI score
Exploits0References1
ThreatPost
ThreatPost
added 2014/08/21 12:15 p.m.9 views

New Facebook Internet Defense Prize Pays Out $50,000 Award

Large technology companies may already have bug bounty programs in place that reward researchers who attack and find holes in software or web platforms. Slowly, some are also starting to institute programs that pay for defensive measures. Facebook is the latest to do so with the implementation of...

7.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2014/06/09 3:33 p.m.10 views

Red Button Attack Could Compromise Smart TVs

A vulnerability in an emerging interactive television standard could expose smart TVs to untraceable drive-by hacking attacks that could steal personal information and wreak havoc on televisions and anything connected to them. The feature, HbbTV, Hybrid Broadcast Broadband Television was introduc...

7.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2013/08/26 3:43 p.m.20 views

Phone Hack Could Block Messages, Calls on GSM Networks

By tweaking the firmware on certain kinds of phones, a hacker could make it so other phones in the area are unable to receive incoming calls or SMS messages, according to research presented at the USENIX Security Symposium earlier this month. The hack involves modifying the baseband processor on...

7.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2011/08/12 3:46 p.m.13 views

Video: Researchers Knock Out a $3K First Responder's Radio With a $30 Children's Toy

During the Reagan Administration, the ‘government waste’ meme was all about $600 toilet seats and $300 hammers. Those looking for a more contemporary example of how government procurement gets it wrong might point, instead, to Project 25 P25, a decade old effort to provide first responders and...

0.9AI score
Exploits0References1
ThreatPost
ThreatPost
added 2011/07/11 6:51 p.m.17 views

Security Metrics Go Prime Time at Metricon 6

The metrics movement that has been slowly but surely infiltrating the security community in the last few years has had its own annual gathering–Metricon–for some time now. It’s been a small, quasi-academic conference since its inception, but now Metricon’s organizers are branching out a bit,...

7.2AI score
Exploits0References3
Rows per page
Query Builder