research
Hackers can turn Amazon Echo into a covert listening device
New research released by MWR InfoSecurity reveals how attackers can compromise the Amazon Echo and turn it into a covert listening device, without affecting its overall …
Researchers remotely hack Tesla Model X
Security researchers from Tencent’s Keen Security Lab have done it again: they’ve found vulnerabilities in one of Tesla’s cars and demonstrated that they can …
Phishers’ techniques and behaviours, and what to do if you’ve been phished
Once a user has been phished, how long does it takes for the phishers to misuse the stolen credentials? To discover the answer to that question and many others, Imperva …
Security vulnerabilities in radiation monitoring devices
IOActive researcher Ruben Santamarta has uncovered a number of cybersecurity vulnerabilities in widely deployed Radiation Monitoring Devices (RDMs), and has presented his …
Critical security vulnerabilities enable full control of the Segway miniPRO electric scooter
New IOActive research exposes critical security vulnerabilities found in the Segway miniPRO electric scooter. If exploited, an attacker could bypass safety systems and …
EFF offers legal advice to researchers at Black Hat, B-Sides and DEF CON
Not all security researchers have someone to talk to and ask specific advice about the legal challenges that they could be faced while doing their work. If you are one of …
Satellite phone communications can be decrypted in near real-time
Satellite phone communications encrypted with the GMR-2 cipher can be decrypted in mere fractions of a second, two Chinese researchers have proved. The vulnerable cipher The …
Rising information security threats, and what to do about them
The digital threat landscape faced by enterprises large and small is in perpetual flux, and keeping an eye on things and adapting defenses should be of primary importance to …
Google researcher uncovers another RCE in Microsoft Malware Protection Engine
Google Project Zero researcher Tavis Ormandy has unearthed yet another critical remote code execution vulnerability affecting the Microsoft Malware Protection Engine, which …
Password Reset MITM: Exposing the need for better security choices
Attackers that have set up a malicious site can use users’ account registration process to successfully perform a password reset process on a number of popular websites …
Equipment already in space can be adapted for extremely secure data encryption
In a new study, researchers from the Max Planck Institute in Erlangen, demonstrate ground-based measurements of quantum states sent by a laser aboard a satellite 38,000 …
Keys, tokens and too much trust found in container images
We are all aware of the risks introduced by good old third party code. Where would we be without it? Apparently not very far. It is estimated that between 30 to 70 percent of …