Zoom Exploit on MacOS
August 17 2022This vulnerability was reported to Zoom last December:
The exploit works by targeting the installer for the Zoom application, which needs to run with special user permissions in order...
Read more
Remotely Controlling Touchscreens
August 16 2022This is more of a demonstration than a real-world vulnerability, but researchers can use electromagnetic interference to remotely control touchscreens.
From a news article:
It’s important to note that...
Read more
$23 Million YouTube Royalties Scam
August 15 2022Scammers were able to convince YouTube that other peoples’ music was their own. They successfully stole $23 million before they were caught.
No one knows how common this scam...
Read moreI think the U is forced: SQUID consists of five steps: Stop, Question, Understand, Imagine, and Decide. As usual, you can also use this squid post to talk about the security...
Read moreTwitter accidentally exposed the personal information—including phone numbers and email addresses—for 5.4 million accounts. And someone was trying to sell this information.
In January 2022, we received a report...
Read more
A Taxonomy of Access Control
August 12 2022My personal definition of a brilliant idea is one that is immediately obvious once it’s explained, but no one has thought of it before. I can’t believe that no...
Read moreHacking Starlink
August 11 2022This is the first—of many, I assume—hack of Starlink. Leveraging a string of vulnerabilities, attackers can access the Starlink system and run custom code on the devices.
Read moreFriday Squid Blogging: New Squid Species
August 5 2022Seems like they are being discovered all the time: In the past, the DEEPEND crew has discovered three new species of Bathyteuthids, a type of squid that lives in depths...
Read moreSIKE Broken
August 4 2022SIKE is one of the new algorithms that NIST recently added to the post-quantum cryptography competition.
It was just broken, really badly.
We present an efficient key recovery...
Read more
Recent Comments