A firmware study that found dozens of security problems affecting more than 120 products is a reminder to businesses to segregate and control access to networked office gear, experts say.
Researchers with Eurecom, a technology-focused graduate school in France, conducted the study on more than 30,000 firmware images taken from the websites of Siemens, Xerox, Bosch, Philips, D-Link, Samsung, LG, Belkin and other manufacturers.
Adobe and Microsoft today each independently released security updates to fix critical problems with their products. Adobe issued patches for Adobe Reader/Acrobat, Flash Player and AIR, while Microsoft pushed nine security updates to address at least 37 security holes in Windows and related software.
Almost all recent PCs have Absolute Computrace embedded in their BIOS. It's a product designed to allow companies to track and secure all of their PCs from a single cloud-based console.
But researchers at Kaspersky lab have revealed that it often runs without user-consent, persistently activates itself at system boot, and can be exploited to perform various attacks and to take complete control of an affected machine.
n the world of security penetration testing, researchers often rely on stealth and deception when testing a target. At the Defcon security conference in Las Vegas, a new level of penetration testing deception was demonstrated Aug. 8 with a WiFi hacking device that could be hidden in what appears to be a standard carbon monoxide detector casing.
With support for Windows XP now ending, many people are concerned about whether their computers are still secure. Some of those people will also have been relying on Microsoft Security Essentials to protect their PC, as it's freely available.
The good news is that Microsoft will continue to support the XP version of the software up until July 2015. The bad news is that is was never much cop to begin with, with other free anti-virus options performing far better in our tests, and even a Microsoft employee admitted it was supposed to be a 'baseline' product.
More than two million unique login credentials for Australian internet users were stolen as part of the massive haul of 1.2 billion passwords by a Russian hacker outfit.
Earlier this month Hold Security reported that Russian hackers under the group dubbed CyberVors amassed the largest ever cache of stolen website passwords through automated and botnet-driven SQL injection attacks against horribly insecure websites.
When the computer security company Hold Security reported that more than 1.2 billion online credentials had been swiped by Russian hackers, many people were worried—and justifiably so. Hold isn’t saying exactly which websites were hit, but with so many credentials stolen, it’s likely that hundreds of millions of ordinary consumers were affected.
Late last month, a Siamese cat named Coco went wandering in his suburban Washington, DC neighborhood. He spent three hours exploring nearby backyards. He killed a mouse, whose carcass he thoughtfully brought home to his octogenarian owner, Nancy. And while he was out, Coco mapped dozens of his neighbors’ Wi-Fi networks, identifying four routers that used an old, easily-broken form of encryption and another four that were left entirely unprotected.
An anonymous author who claims to be the hacker who penetrated controversial UK-based Gamma Group International and aired 40 gigabytes of its dirty laundry has published a how-to guide for other hacktivists.
Two seasoned pilots, one of whom is a published hacking expert, have been puncturing some of the myths about aircraft hacking at Defcon 22.
Dr. Phil Polstra, professor of digital forensics at Bloomberg University (and a qualified commercial pilot and flight instructor) and "Captain Polly," professor of aviation at the University of Dubuque, explained that there are some very simple reasons why aircraft can't be digitally hijacked.
