Security is an applied science. Security properties and secure design are only valid in the context of a particular application or environment. Similarly, hacking techniques and tools are only useful for exploiting specific types of vulnerabilities.
As companies continue to beat the Internet of Things drum, promoting a world when every device is smart, and anything electronic is network connected, we have some news that shows just what a horrible idea this really is. A security firm has found that a Linux kernel driver called NetUSB contains an amateurish error that can be exploited by hackers to remotely compromise any device running the driver. The driver is commonly found in home routers, and while some offer the ability to disable it, others do not appear to do so.
I'll be honest with you. LinkedIn scares me.
For any criminal interested in targeting senior staff in an organisation, it's a goldmine of information.
Apple released on Tuesday its first update for Watch OS, the iOS-based operating system that runs on the Apple Watch.
Watch OS 1.0.1 patches a total of 13 vulnerabilities affecting components such as the kernel, Secure Transport, FontParser, the Foundation framework, IOHIDFamily, and IOAcceleratorFamily.
The FontParser issue exists due to the way font files are processed. An attacker can exploit this vulnerability (CVE-2015-1093) to execute arbitrary code by getting a user to process a maliciously crafted font.
There are a lot of things Denver is known for being high on -- mostly altitude. Lately, it isn’t just the sticky green political battle that has been gaining attention. It’s the high-altitude antics of our local information security enthusiast Chris Roberts. But, like most highs and hacked aviation systems, this story is bound to plummet into the lifeless, high-desert plains. Why? News agencies are reporting that Chris Roberts, as a passenger, took control of an airplane mid flight by hacking the plane’s entertainment system, and was able to briefly redirect the flight’s course.