Security researchers and hackers gathered in Las Vegas over the past week to show off and learn about the latest vulnerabilities that affect devices and software that the world relies on every day. Black Hat and DEF CON, the world's top security conferences, did not disappoint.
Stories by Lucian Constantin
A design flaw in the x86 processor architecture dating back almost two decades could allow attackers to install a rootkit in the low-level firmware of computers, a security researcher said Thursday. Such malware could be undetectable by security products.
With their own dedicated processor and operating system, LTE/3G modems built into new business laptops and tablets could be a valuable target for hackers by providing a stealthy way to maintain persistent access to an infected device.
An attack using the SMB file sharing protocol that has been believed to work only within local area networks for over a decade can also be executed over the Internet, two researchers showed at the Black Hat security conference.
A talk about a radio-based privacy device dubbed ProxyHam that promised to allow hackers to connect to Wi-Fi networks from as far as 2.5 miles away was abruptly pulled from the DEF CON schedule by its creator a few weeks ago.
Many smart phone manufacturers preload remote support tools on their Android devices in an insecure way, providing a method for hackers to take control of the devices through rogue apps or even SMS messages.
Inherent insecurity in the routing protocol that links networks on the Internet poses a direct threat to the infrastructure that secures communications between users and websites.
File synchronization services, used to accommodate roaming employees inside organizations, can also be a weak point that attackers could exploit to remain undetected inside compromised networks.
A hacker extracted customer log-in credentials from a server owned by Bitdefender that hosted the cloud-based management dashboards for its small and medium-size business clients.
Researchers have developed a new technique that could allow attackers to determine with a high degree of accuracy which Tor websites users are accessing and where those websites are hosted.
Attackers could exploit a new vulnerability in BIND, the most popular Domain Name System (DNS) server software, to disrupt the Internet for many users.
The cyberespionage group that stole the personal records of millions of Americans from U.S. health insurer Anthem and the U.S. Office of Personnel Management (OPM) has also reportedly breached United Airlines.
A malicious application or Web page could be used to crash Android devices, in some cases persistently, due to a vulnerability in a multimedia processing component.
The former administrator of Darkode, the online cybercrime forum that was recently shut down by law enforcement agencies, is preparing to bring it back, with better security and privacy for its members.
A new vulnerability in emulation code used by the Xen virtualization software can allow attackers to bypass the critical security barrier between virtual machines and the host operating systems they run on.
- Data Analyst | Data Feeds | Catalogue and Map NSW
- Network Design Specialist - Telecommunications NSW
- MDM Engineer NSW
- Contract Systems Analyst (IT Security) 160928/JP/653 Asia
- Infrastructure Solutions Architect ACT
- Business Analyst - Telecom Project NSW
- Scrum Master | High Profile Fintech NSW
- Infrastructure Project Manager - DCR Project NSW
- ICT Security Auditor ACT
- Outbound Telesales VIC
- The Future is Encrypted. What's your defense?
- Start your cloud journey. Register now and learn a wide range of AWS cloud solutions covered in the monthly AWS Webinar Series.
- How to Use Metadata to Make Data-Driven Decisions - Download NOW!
- Harnessing the Power of Metadata for Security: FIND OUT MORE
- Check your Future Risk
- See Your Traffic for What It Really Is
- The Future is Encrypted. Manage It.
- AISA 2016 | Hear from Bruce Schneier, David Lacey, Rik Ferguson and many more | 18-20th October Register Today