26 Feb 2019

ToRPEDO Privacy Attack on 4G/5G Networks Affects All U.S. Carriers

A team of researchers from the Purdue University and the University of Iowa have discovered major flaws in 4G and 5G mobile protocols that allow for three types of attacks with privacy-breaking consequences. The central attack, dubbed ToRPEDO, allows attackers to obtain the phone number, location information and other data

Read More
21 Feb 2019

Researcher: Not Hard for a Hacker to Capsize a Ship at Sea

According to Ken Munro, a security researcher with Pen Test Partners, gaining access to the network of a ship is in most cases “a low-skill attack.” As Munro explains: “[P]assword security and patch management are so poor at sea that compromise does not require significant expertise.” This is very worrisome, because a

Read More
20 Feb 2019

New Vulnerabilities Found in Top Password Managers

New research by Independent Security Evaluators (ISE) has found serious flaws in the top password managers 1Password, Dashlane, KeePass and LastPass, which render the products about as secure as text files containing passwords. ISE CEO Stephen Bono stated that “100 percent of the products that ISE analyzed failed to provide the

Read More
13 Feb 2019

Microsoft, Adobe Both Close More Than 70 Security Issues

As part of Patch Tuesday, Microsoft and Adobe each released over 70 fixes for security flaws in their products. One of the Microsoft patches addresses a privilege escalation vulnerability affecting Microsoft’s Exchange server, which is likely to be under active exploitation. According to Dustin Childs of Trend Micro, the flaw “allows

Read More
08 Feb 2019

Security vulnerabilities in video conferencing devices could be remotely exploited by hackers

Security researchers with Trustwave have spotted serious security flaws in four connected video conferencing products by Lifesize. The vulnerabilities could enable threat actors to remotely take control of the devices and access audio and video recordings. The affected products are Lifesize Team, Lifesize Room, Lifesize Passport and Lifesize Networker. Lifesize is

Read More
08 Feb 2019

Google Spots Attacks Exploiting iOS Zero-Day Flaws

On Thursday, Apple released iOS 12.1.4, the latest version of it’s mobile operating system, which patches four discovered security holes. Two of the vulnerabilities were connected to the recently uncovered FaceTime bug that allowed users to turn on the microphone and camera of the person they were calling. The other

Read More
06 Feb 2019

RDP Servers Can Hack Client Devices: Researchers

Check Point researchers have found a whopping 25 security flaws affecting popular remote desktop protocol (RDP) software, 16 of which were labeled as “major”. RDP makes it possible to remotely operate devices on a network. RDP accounts are increasingly popular targets for cybercriminals, as obtaining access to one can give

Read More
29 Jan 2019

Disable FaceTime Now! Bug Lets Callers Snoop On You Without Permission

FaceTime users may want to turn off the app on their iOS device to prevent threat actors from spying on them. Apple is preparing an out-of-bound patch for a major iOS security flaw affecting FaceTime. The bug allows callers to tune in to the audio and video feeds from the microphone and

Read More
24 Jan 2019

Apple Patches Dozens of Vulnerabilities in iOS, macOS

Apple has released security patches and other fixes for a host of flaws affecting iOS, macOS, tvOS, watchOS, Safari and iCloud. Many of the 31 iOS patches fixed arbitrary code execution vulnerabilities affecting various features including Bluetooh, FaceTime and Kernel. Other iOS security flaws that were addressed could have enabled

Read More
23 Jan 2019

How Web Apps Can Turn Browser Extensions Into Backdoors

Browser extensions have a bad reputation when it comes to security, as they frequently contain vulnerabilities that put users at risk. New research highlights these risks by describing how certain privileged extensions for the Chrome, Firefox and Opera browsers are vulnerable to exploitation by web applications. The discovered flaws can

Read More