Category: vulnerabilities

Auto Added by WPeMatico

Tesla Remotely Hacked from a Drone

Posted on By infossl
cars, drones, hacking, Security technology, Uncategorized, vulnerabilities, Wi-Fi

This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH have found remote zero-click security vulnerabilities in an open-source software component (ConnMan) used in Tesla automobiles that allowed them to compromise parked cars and control their infotainment systems over WiFi. It would be possible for an attacker … Read More “Tesla Remotely Hacked from a Drone” »

Serious MacOS Vulnerability Patched

Posted on By infossl
apple, malware, operating systems, patching, Security technology, Uncategorized, vulnerabilities

Apple just patched a MacOS vulnerability that bypassed malware checks. The flaw is akin to a front entrance that’s barred and bolted effectively, but with a cat door at the bottom that you can easily toss a bomb through. Apple mistakenly assumed that applications will always have certain specific attributes. Owens discovered that if he … Read More “Serious MacOS Vulnerability Patched” »

Security Vulnerabilities in Cellebrite

Posted on By infossl
intelligence, police, Security technology, signal, smartphones, Uncategorized, vulnerabilities

Moxie Marlinspike has an intriguing blog post about Cellebrite, a tool used by police and others to break into smartphones. Moxie got his hands on one of the devices, which seems to be a pair of Windows software packages and a whole lot of connecting cables. According to Moxie, the software is riddled with vulnerabilities. … Read More “Security Vulnerabilities in Cellebrite” »

When AIs Start Hacking

Posted on By infossl
artificial intelligence, essays, hacking, Security technology, Uncategorized, vulnerabilities

If you don’t have enough to worry about already, consider a world where AIs are hackers. Hacking is as old as humanity. We are creative problem solvers. We exploit loopholes, manipulate systems, and strive for more influence, power, and wealth. To date, hacking has exclusively been a human activity. Not for long. As I lay … Read More “When AIs Start Hacking” »

Accellion Supply Chain Hack

Posted on By infossl
hacking, patching, Security technology, supply chain, Uncategorized, vulnerabilities

A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. There’s much in the article about when Accellion knew about the vulnerability, when it alerted its customers, and when it patched its software. The governor of New Zealand’s central bank, Adrian Orr, says Accellion failed to warn it … Read More “Accellion Supply Chain Hack” »

Easy SMS Hijacking

Posted on By infossl
authentication, cell phones, cybercrime, Security technology, sms, Uncategorized, vulnerabilities

Vice is reporting on a cell phone vulnerability caused by commercial SMS services. One of the things these services permit is text message forwarding. It turns out that with a little bit of anonymous money — in this case, $16 off an anonymous prepaid credit card — and a few lies, you can forward the … Read More “Easy SMS Hijacking” »

Exploiting Spectre Over the Internet

Posted on By infossl
exploits, google, Security technology, Uncategorized, vulnerabilities

Google has demonstrated exploiting the Spectre CPU attack remotely over the web: Today, we’re sharing proof-of-concept (PoC) code that confirms the practicality of Spectre exploits against JavaScript engines. We use Google Chrome to demonstrate our attack, but these issues are not specific to Chrome, and we expect that other modern browsers are similarly vulnerable to … Read More “Exploiting Spectre Over the Internet” »

On Not Fixing Old Vulnerabilities

Posted on By infossl
malware, patching, Security technology, Uncategorized, vulnerabilities

How is this even possible? …26% of companies Positive Technologies tested were vulnerable to WannaCry, which was a threat years ago, and some even vulnerable to Heartbleed. “The most frequent vulnerabilities detected during automated assessment date back to 2013­2017, which indicates a lack of recent software updates,” the reported stated. 26%!? One in four networks? … Read More “On Not Fixing Old Vulnerabilities” »