research
Android devices delivered to employees with pre-installed malware
A test of Android devices used in two unnamed companies revealed that 38 of them were infected with malware before being delivered to the employees. These were smartphones by …
185,000+ vulnerable Wi-Fi cameras just waiting to be hijacked
A generic wireless camera manufactured by a Chinese company and sold around the world under different names and brands can be easily hijacked and/or roped into a botnet. The …
Encrypted messaging app Confide suffers from many security issues
Confide, the encrypted instant messaging application with a self-destructing messaging system that has become popular with White House staffers, is not so secure after all. …
Western Digital My Cloud NAS devices wide open to attackers
Western Digital My Cloud NAS devices have again been found wanting in the security department, as two set of researchers have revealed a number of serious flaws in the …
Multiple security flaws found in mainstream robotic technologies
IOActive exposed numerous vulnerabilities found in multiple home, business, and industrial robots available on the market today. The array of vulnerabilities identified in the …
Results of the rogue Access Point experiment at RSA Conference 2017
The security of open Wi-Fi hotspots has been a subject of great concern for years. But, would you believe that we were overwhelmingly successful using Wi-Fi attacks dating …
New attack sounds death knell for widely used SHA-1 crypto hash function
SHA-1 is definitely, provenly dead, as a group of researchers from CWI Institute in Amsterdam and Google have demonstrated the first practical technique for generating a …
Removing admin rights mitigates most critical Microsoft vulnerabilities
Avecto has analyzed the security bulletins Microsoft released in the past year, and came to an important conclusion: an overwhelming majority of all the critical Microsoft …
Detecting PLC malware in industrial control systems
How can attackers load programmable logic controllers (PLC) with destructive malware, and how can the operators of industrial control systems (ICS) detect it? According to a …
25% of web apps still vulnerable to eight of the OWASP Top Ten
69 percent of web applications are plagued by vulnerabilities that could lead to sensitive data exposure, and 55 percent by cross-site request forgery flaws, the results of a …
The security impact of HTTPS interception in the wild
HTTPS deployment is on an upward trajectory, and this growth is accompanied by the increasing HTTPS interception and SSL inspection by enterprise-grade firewalls, web filters, …
Can smartphone thieves be identified in seconds?
Ben-Gurion University of the Negev (BGU) researchers have developed a technique that identifies a smartphone thief or intruder in under 14 seconds. “While most people …