Through Mandiant investigation of intrusions, the FLARE Advanced Practices team observed a group we track as UNC1945 compromise managed service providers and operate against a tailored set...
Read moreTracking Users on Waze
October 29 2020
A security researcher discovered a wulnerability in Waze that breaks the anonymity of users:
I found out that I can visit Waze from any web browser at
Read more
NSA Advisory on Chinese Government Hacking
October 21 2020
The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers.
This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be...
Read more
Hacking Apple for Profit
October 12 2020Five researchers hacked Apple Computer’s networks — not their products — and found fifty-five vulnerabilities. So far, they have received $289K. One of the worst of all the bugs they...
Read moreHacking a Coffee Maker
September 29 2020
As expected, IoT devices are filled with vulnerabilities:
As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of the older coffee makers to...
Read more
Fuzzing Image Parsing in Windows, Part One: Color Profiles
September 24 2020Image parsing and rendering are basic features of any modern operating system (OS). Image parsing is an easily accessible attack surface, and a vulnerability that may lead to...
Read moreFuzzing Image Parsing in Windows, Part One: Color Profiles
September 24 2020Image parsing and rendering are basic features of any modern operating system (OS). Image parsing is an easily accessible attack surface, and a vulnerability that may lead to...
Read moreFuzzing Image Parsing in Windows, Part One: Color Profiles
September 24 2020Image parsing and rendering are basic features of any modern operating system (OS). Image parsing is an easily accessible attack surface, and a vulnerability that may lead to...
Read moreFuzzing Image Parsing in Windows, Part One: Color Profiles
September 24 2020Image parsing and rendering are basic features of any modern operating system (OS). Image parsing is an easily accessible attack surface, and a vulnerability that may lead to...
Read moreNew Bluetooth Vulnerability
September 17 2020There’s a new unpatched Bluetooth vulnerability:
The issue is with a protocol called Cross-Transport Key Derivation (or CTKD, for short). When, say, an iPhone is getting ready to pair...
Read more
Recent Comments