In This Section


Category: Device Security

October 21, 2016
Ancient Privilege Escalation Bug Haunts Linux
Researchers are warning about a serious vulnerability in the Linux kernel that affects essentially all of the current versions of the operating system in use right now. The vulnerability is a local privilege-escalation flaw, which isn’t normally cause for much concern, because an attacker needs local access to a vulnerable device in order to exploit…
Read More →
October 18, 2016
LockyDump Tool Helps Track Ransomware Configurations and Variants
The group behind the Locky ransomware has continued to update and improve the malware its distributing, and security researchers have been racing to keep up with the changes. The Talos research team at Cisco is part of that effort and the group has released a new tool that can dump all of the configuration information…
Read More →
October 17, 2016
Congress Wants Answers on Yahoo Email Scanning
Nearly 50 members of Congress are demanding information from the director of national intelligence about the email scanning order that the Department of Justice reportedly delivered to Yahoo last year. The order, which was revealed earlier this month in stories by Reuters, reportedly required the company to create a system that would inspect all incoming emails…
Read More →
October 17, 2016
DHS Warns Mirai Malware is Targeting Sierra Wireless Gateways
DHS is warning users that the Mirai malware is infecting wireless gateways sold by Sierra Wireless and using the compromised devices as part of a botnet for DDoS attacks. The Mirai malware has been targeting a variety of embedded devices, especially CCTV cameras, that have default telnet credentials enabled and compromising them. The attackers deploying…
Read More →
October 14, 2016
Pork Explosion Backdoor Found in Some Android Bootloaders
A security researcher has uncovered a debugging feature left in some Android firmware images on devices assembled by Foxconn that essentially serves as a fully functioning backdoor that can be exploited in as little as five seconds. Researcher Jon Sawyer found the backdoor in a bootloader that Foxconn provides on some of the Android phones it…
Read More →
October 12, 2016
Signal Adds Expiring Messages to Encrypted Chats
The steady march toward greater use of encryption and increased privacy in mobile communications has taken another step forward with Signal, the encrypted messaging app, introducing disappearing messages. The newest version of Signal for both iOS and Android, as well as the desktop app, include the feature, which enables users to set timers for when…
Read More →
October 7, 2016
Bugs in Chinese IoT Components Aid Mirai Botnet Spread
Researchers looking into the Mirai botnet that has been used in two massive DDoS attacks in the last couple of weeks have discovered that many of the compromised IoT devices in the botnet include components from one Chinese manufacturer and have hardcoded credentials that can’t be changed. The Mirai botnet is made up of a…
Read More →
October 6, 2016
New Attack Invisibly Monitors Mac Video Calls
There have been a number of pieces of malware to emerge in the last few years that have the ability to hook into the microphone and camera of infected machines, allowing attackers to record private conversations of targeted users. Now a researcher is releasing a new tool that can detect and alert Mac users to hidden…
Read More →
October 3, 2016
Your Body is a Wonderland–For Transmitting Passwords
Credential theft is one of the more persistent and troubling threats in security, and researchers have been trying to come up with answers to it for decades. A team at the University of Washington has developed a system that can prevent attackers from intercepting passwords and keys sent over the air by sending them through users’ bodies…
Read More →
September 30, 2016
Hack iOS 10 and Get $1.5 Million
The stakes in the vulnerability acquisition and bug bounty game have just gone up several notches, with a well-known security startup now offering $1.5 million for a remote jailbreak in iOS 10. The payout was put on the table Thursday by Zerodium, a company that buys vulnerabilities and exploits for high-value target platforms and applications. The company…
Read More →
2019 Voice Intelligence Webinar Series – where voice, not touch is the main interface for customers.