Remote Butler attack: APT groups’ dream come true
Microsoft security researchers have come up with an extension of the “Evil Maid” attack that allows attackers to bypass local Windows authentication to defeat full …
QRLJacking: A new attack vector for hijacking online accounts
We all know that scanning random QR codes is a risky proposition, but a newly detailed social engineering attack vector dubbed QRLJacking adds another risk layer to their use. …
UAC bypass attack on Windows 10 allows malicious DLL loading
Security researchers Matt Graeber and Matt Nelson have discovered a way to run a malicious DLL on Windows 10 without the User Account Control (UAC) springing into action and …
Hacking smartphones via voice commands hidden in YouTube videos
A group of researchers from Georgetown University and UC Berkeley have demonstrated how voice commands hidden in YouTube videos can be used by malicious attackers to …
The DAO is under attack, a third of its ether reserves stolen
The DAO, a digital Decentralised Autonomous Organisation that has been set up to support projects related to Ethereum, a public blockchain platform that allows programmable …
How programmers can be tricked into running bad code
Are programming language package managers vulnerable to typosquatting attacks? And can these attacks result in software developers running potentially malicious code? The …
DROWN attack breaks TLS encryption, one-third of all HTTPS servers vulnerable
There’s a new attack that breaks the communication encryption provided by SSL and TLS and can therefore lead to theft of extremely sensitive data exchanged between users …