Category: Exploits & Attacks

April 20th, 2017 by John

Home | The Security Cards: A Security Threat Brainstorming Kit

The University of Washington has developed a set of 42 playing cards for modeling security and privacy threats. The cards encourage you to brainstorm about potential threats along 4 dimensions: Read More

Posted in Cool-Stuff, Cybersecurity & Infosec, Exploits & Attacks

April 19th, 2017 by John

In an interesting turn, Hajime is a vigilante-style project intended to disrupt Mirai and similar IoT botnets.

Posted in Criminal, Exploits & Attacks, IoT, IIoT, ICS-SCADA

April 19th, 2017 by John

The Shadow Brokers released nation-state NSA exploits and Rapid7 researchers explain what this means in a concise article, worth a read.

Posted in Criminal, Exploits & Attacks

April 19th, 2017 by John

Posted in Criminal, Exploits & Attacks

April 14th, 2017 by John

Think about it. We’ve been sending spacecraft into orbit and beyond for 50 years. Information security was not a primary concern. Many of these systems are IoT devices, in practice, and they won’t all have strong authentication processes or be updatable, so what is the impact if someone hacks a NASA probe? NASA chief has big concerns.

Posted in Exploits & Attacks, IoT, IIoT, ICS-SCADA

April 14th, 2017 by John

Posted in Exploits & Attacks, IoT, IIoT, ICS-SCADA

April 4th, 2017 by John

In literally less than 1 week after Apple released iOS 10.3 to remedy 70 vulnerabilities, an overflow bug is discovered by Google Zero team, leading to today’s iOS 10.3.1 patch. Be sure to go to Settings –> General –> Software Update on your iOS device and ensure you have the latest patches.

https://www.scmagazine.com/buffer-overflow-bug-patched-in-latest-ios-update/article/648280/

Posted in Cybersecurity & Infosec, Exploits & Attacks

April 2nd, 2017 by John

“Yesterday, at the BlackHat Asia 2017 security conference, researchers from cyber-security firm Cylance disclosed two vulnerabilities in the firmware of Gigabyte BRIX small computing devices, which allow an attacker to write malicious content to the UEFI firmware.”

Posted in Cybersecurity & Infosec, Exploits & Attacks