Collaborate Disseminate
For a long time, law enforcement agencies and hackers have been able to track the identity and location of mobile users by setting up fake cellular network towers and tricking their devices to connect to them. Researchers have now found that the sam… Continue reading Mobile subscriber identity numbers can be exposed over Wi-Fi
Researchers have devised a new malware attack against industrial programmable logic controllers (PLCs) that takes advantage of architectural shortcomings in microprocessors and bypasses current detection mechanisms.
The attack changes the configuration of the input/output pins that make up the interface used by PLCs to communicate with other devices such as sensors, valves, and motors. PLCs are specialized embedded computers used to control and monitor physical processes in factories, power stations, gas refineries, public utilities, and other industrial installations.
The attack, which will be presented at the Black Hat Europe security conference in London on Thursday, was developed by Ali Abbasi, a doctoral candidate in the distributed and embedded system security group at the University of Twente in the Netherlands, and Majid Hashemi, a research and development engineer at Quarkslab, a Paris-based cybersecurity company.
To read this article in full or to leave a comment, please click here
Continue reading Researchers build undetectable rootkit for programmable logic controllers
Researchers have devised a new malware attack against industrial programmable logic controllers (PLCs) that takes advantage of architectural shortcomings in microprocessors and bypasses current detection mechanisms.
The attack changes the configuration of the input/output pins that make up the interface used by PLCs to communicate with other devices such as sensors, valves, and motors. PLCs are specialized embedded computers used to control and monitor physical processes in factories, power stations, gas refineries, public utilities, and other industrial installations.
The attack, which will be presented at the Black Hat Europe security conference in London on Thursday, was developed by Ali Abbasi, a doctoral candidate in the distributed and embedded system security group at the University of Twente in the Netherlands, and Majid Hashemi, a research and development engineer at Quarkslab, a Paris-based cybersecurity company.
To read this article in full or to leave a comment, please click here
Continue reading Researchers build undetectable rootkit for programmable logic controllers
Following similar decisions by Mozilla and Apple, Google plans to reject new digital certificates issued by two certificate authorities because they violated industry rules and best practices.
The ban will go into effect in Chrome version 56, which is currently in the dev release channel, and will apply to all certificates issued by certificate authorities WoSign and StartCom after October 21. Browsers rely on digital certificates to verify the identity of websites and to establish encrypted connections with them.
Certificates issued before October 21 will continue to be trusted as long as they’re published to the public Certificate Transparency logs or have been issued to a limited set of domains owned by known WoSign and StartCom customers.
To read this article in full or to leave a comment, please click here
Continue reading Google to untrust WoSign and StartCom certificates
Following similar decisions by Mozilla and Apple, Google plans to reject new digital certificates issued by two certificate authorities because they violated industry rules and best practices.
The ban will go into effect in Chrome version 56, which is currently in the dev release channel, and will apply to all certificates issued by certificate authorities WoSign and StartCom after October 21. Browsers rely on digital certificates to verify the identity of websites and to establish encrypted connections with them.
Certificates issued before October 21 will continue to be trusted as long as they’re published to the public Certificate Transparency logs or have been issued to a limited set of domains owned by known WoSign and StartCom customers.
To read this article in full or to leave a comment, please click here
Continue reading Google to untrust WoSign and StartCom certificates
Attackers are aggressively attacking Joomla-based websites by exploiting two critical vulnerabilities patched last week.The flaws allow the creation of accounts with elevated privileges on websites built with the popular Joomla content management sy… Continue reading Joomla websites attacked en masse using recently patched exploits
Attackers are aggressively attacking Joomla-based websites by exploiting two critical vulnerabilities patched last week.
The flaws allow the creation of accounts with elevated privileges on websites built with the popular Joomla content management … Continue reading Joomla websites attacked en masse using recently patched exploits
Security researchers have discovered a new way that allows malware to inject malicious code into other processes without being detected by antivirus programs and other endpoint security systems.The new method was devised by researchers from security… Continue reading New Windows code injection method could let malware bypass detection
Security researchers have discovered a new way that allows malware to inject malicious code into other processes without being detected by antivirus programs and other endpoint security systems.The new method was devised by researchers from security… Continue reading New Windows code injection method could let malware bypass detection
Security researchers have discovered a new way that allows malware to inject malicious code into other processes without being detected by antivirus programs and other endpoint security systems.The new method was devised by researchers from security… Continue reading New Windows code injection method could let malware bypass detection