
Security

Check if your phone is at risk from QuadRooter vulnerability

posted on August 8, 2016
by l33tdawg

The latest vulnerability for Android handsets is QuadRooter, and there are an estimated 900 million devices at risk. Just shy of a billion phones and tablets is undeniably a lot, but how can you know if you are affected?

While a list of devices that are definitely affected has been published, it is far from exhaustive. Thankfully the good folk at Check Point Software have put together a special app that will test your phone or tablet and let you know the risk.

Oracle-owned point-of-sale service suffers from malware attack

posted on August 8, 2016
by l33tdawg

MICROS, an Oracle-owned division that's one of the world's top three point-of-sale services, has suffered a security breach. The attack possibly comes at the hands of a Russian crime gang that siphoned out more than $1 billion from banks and retailers in past hacks, security news site KrebsOnSecurity reported Monday.

How hackers broke Pokémon Go’s anti-cheat technology in four days

posted on August 8, 2016
by l33tdawg

When we first wrote about the world of automated Pokémon Go-playing "bot" programs a few weeks ago, we predicted a brewing technological war. Developer Niantic was inevitably going to deploy cheat-detection technology, and hackers would subsequently work to break through that detection. Last week, we saw the first battle in that war, and so far it seems like the hackers are winning handily.

Security of seismic sensor grid probed

posted on August 7, 2016
by l33tdawg

The poor security controls around the way the sensors transmit data were detailed in a presentation at the Def Con hacker convention.

Researchers found ways to fool and overload sensors so monitoring systems would get wildly inaccurate readings.

The findings have been reported to the US computer emergency organisation that oversees national infrastructure. Nanometrics, the company that makes the sensor system that was probed, disputed the researchers' findings.

Remote Evil Butler Attack Threatens Windows Computers

posted on August 7, 2016
by l33tdawg

Last November, Synopsys security researcher Ian Haken demonstrated how it would be possible to bypass Windows authentication and even BitLocker encryption on devices to which he had physical access.

The attack routine he described involved taking a computer out of the enterprise network it was assigned to and away from its original domain controller.

Hacker Creates Fake, Effective Boarding Passes

posted on August 7, 2016
by l33tdawg

L33tdawg: Somewhat similar to Antonios Chariton's Exploiting Passbook talk from #HITB2014AMS

Przemek Jaroszewski, head of Poland’s chapter of the international Computer Emergency Readiness Team program, was scheduled to present what was likely one of the more basic but frightening hacks at this week’s Defcon conference in Las Vegas—an Android app that generates fake boarding passes.

Your monitor can be hacked, used to spy on you

posted on August 7, 2016
by l33tdawg

Anti-virus software is often used to mitigate all sorts of attacks levied against computers, but what about their displays? Turns out, those can be manipulated in much the same manner, as a pair of security researchers have demonstrated.

75 Percent of Bluetooth Smart Locks Can Be Hacked

posted on August 7, 2016
by l33tdawg

Many Bluetooth Low Energy smart locks can be hacked and opened by unauthorized users, but their manufacturers seem to want to do nothing about it, a security researcher said yesterday (Aug. 6) at the DEF CON hacker conference here.

Apple’s bug bounty program favors quality over quantity

posted on August 7, 2016
by l33tdawg

After years of reluctance to pay researchers for exploits, Apple has given in and is ready to hand out up to $200,000 for critical vulnerabilities found in the latest version of iOS and the newest iPhones.

Apple announced the program Thursday at the Black Hat security conference in Las Vegas. It starts in September, and unlike bounty programs run by other large technology companies it will be invitation-only.