How to avoid headaches when publishing a CVE
You have discovered a vulnerability. Congratulations! So, what happens next? Finding a CVE (Common Vulnerabilities and Exposures) is the first step in a process which starts …
research
Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)
Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many …
How mobile app usage data could reveal a person’s identity
The time a person spends on different smartphone apps is enough to identify them from a larger group in more than one in three cases say researchers, who warn of the …
How hackers could use popular virtual reality headsets to steal sensitive information
Researchers at Rutgers University-New Brunswick have published “Face-Mic,” the first work examining how voice command features on virtual reality headsets could lead to major …
Preventing software security vulnerabilities with automation
A team of UTSA researchers is exploring how a new automated approach could prevent software security vulnerabilities. The team sought to develop a deep learning model that …
Researchers propose a new method for quantum computing in trapped ions
Physicists from the University of Amsterdam have proposed a new architecture for a scalable quantum computer. Making use of the collective motion of the constituent particles, …
VirusTotal Hacking: Finding stolen credentials hosted on VirusTotal
VirusTotal, the popular online service for analyzing suspicious files, URLs and IP addresses, can be used to collect credentials stolen by malware, researchers at SafeBreach …
Detect and identify IoT malware by analyzing electromagnetic signals
Electromagnetic (EM) emanations can be recorded and used to detect and identify malware running on IoT devices, a group of researchers working at IRISA have proven. The setup …
150+ HP multifunction printers open to attack (CVE-2021-39237, CVE-2021-39238)
Over 150 HP multifunction printers (MFPs) are open to attack via two exposed physical access port vulnerabilities (CVE-2021-39237) and two different font parsing …
Researchers shed light on hidden root CAs
How widespread is the use of hidden root CAs and certificates signed by them? To answer that and other questions, a group of researchers from several Chinese and U.S. …
Intel chip flaw could enable attacks on laptops, cars, medical devices (CVE-2021-0146)
Researchers uncovered a vulnerability in Intel Processors that could affect laptops, cars and embedded systems. The flaw (CVE-2021-0146) enables testing or debugging modes on …
Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …