Ode to the use-after-free: one vulnerable function, a thousand possibilities Overview This post explores an old but wonderful vulnerability that enables us...
Cisco released a firmware update to fix a critical buffer overflow vulnerability in CISCO CVR100W Wireless-N VPN Small Business Routers. Cisco has...
Several weeks ago, the Windows Defender Advanced Threat Protection (Windows Defender ATP) research team noticed security alerts that demonstrated an intriguing attack...
Polish security expert Dawid Golunski has discovered a zero-day in the WordPress password reset mechanism that would allow an attacker to obtain...
PowerShell continues to be the tool of choice for defenders, IT administrators, and hackers. The extensibility, support, and ability to have a...
There is an insane amount of industrial robots connected to the Internet, and even worse, thousands are left with no form of...
The same weakness could be used to eavesdrop on calls and track users’ locations. A known security hole in the networking protocol...
Malware researchers at security firm ProofPoint reported the Chinese TA459 APT has exploited the CVE-2017-0199 vulnerability to target Financial firms. The notorious...
A CIS study estimated number of Aadhaar numbers leaked through 4 gov portals could be around 135 million and 100M bank account...
Hyundai has patched a security flaw in the Blue Link mobile application that exposed sensitive information, which hackers could have used to...
Tutorials on Windows DLL injections in C have noticable gaps in what they explain. This blog post plus the comments on my...
Luca Bongiorni was working on a cheap and dedicated hardware that he could remotely control (i.e. over WiFi or BLE), that is...
One of the more interesting classes of security vulnerabilities are those affecting interoperability technology. This is because these vulnerabilities typically affect any...
WikiLeaks released details on what it said is a Central Intelligence Agency document tracking program called Scribbles, part of the agency’s effort to...
Security expert Chris Vickery reported a data breach at online trading firm AMP that exposed customer credit reports, and Social Security numbers....
A hacker (or hacker group) known as The Dark Overlord (TDO) has leaked the first ten episodes of season 5 of the...
I was recently invited to take part in some research by BBC Click, alongside Professor Alan Woodward, to analyse a device that...
Lawsuit: After a sexual harassment claim, Fox News planted spyware on ex-host’s computer. Comparing their actions to the plot this season on...
Security experts from security firm Redsocks published an interesting report on how to crack APT28 traffic in a few seconds. Introduction APT28...
There are over 85,000 RDP servers available for sale or rent via xDedic, a marketplace for selling or renting hacked servers that...
Security vulnerabilities in the Hyundai Blue Link mobile apps allowed hackers to steal vehicles, the car maker fixed them. Security vulnerabilities in...