IOActive – Page 4 – WindowsTechs.com

Confide, the White House’s favorite messaging app, has multiple critical vulnerabilities

Posted on March 8, 2017 by Patrick O'Neill

Confide, the messaging app pitched as a secure communications platform for Washington D.C.’s most high powered political operatives, is finally under the security microscope. Security researchers at Seattle-based IOActive found multiple critical vulnerabilities in Confide after it underwent a security audit for the first time in February. Several of the critical vulnerabilities impacting Confide, which employs no cryptography specialists on its development team, include leaking decrypted messages to attackers. Although the app has been pushed to headlines by a three-year long marketing operation, the audit was the first time Confide’s team dealt with researchers taking the app apart. That means the vulnerabilities may have existed for years even as journalists and White House operatives used Confide for secure messaging. IOActive researchers have privately told industry colleagues for several weeks to stop using Confide immediately. Ryan O’Horo, a managing security consultant for IOActive, appeared to call the vulnerabilities the most shocking security failures he’d seen in […]

The post Confide, the White House’s favorite messaging app, has multiple critical vulnerabilities appeared first on Cyberscoop.

Continue reading Confide, the White House’s favorite messaging app, has multiple critical vulnerabilities→

Robots Rife With Cybersecurity Holes

Posted on March 1, 2017 by Tom Spring

IOActive Labs released a report Wednesday warning that consumer, industrial, and service robots in use today have serious security vulnerabilities. Continue reading Robots Rife With Cybersecurity Holes→

Panasonic, IOActive Clash on Vulnerability Report

Posted on December 21, 2016 by Michael Mimoso

Panasonic Avionics has pushed back against research released Tuesday by IOActive disclosing vulnerabilities in in-flight entertainment systems. Continue reading Panasonic, IOActive Clash on Vulnerability Report→

In-Flight Entertainment System Flaws Put Passenger Data at Risk

Posted on December 20, 2016 by Michael Mimoso

IOActive researchers disclosed vulnerabilities in Panasonic Avionics In-Flight Entertainment systems that could be abused to manipulate flight data shown to passengers, or steal their personal information. Continue reading In-Flight Entertainment System Flaws Put Passenger Data at Risk→

Multiple Vulnerabilities Identified in ‘Utterly Broken’ BHU Routers

Posted on August 19, 2016 by Chris Brook

Researchers have identified a router so fraught with vulnerabilities and so “utterly broken” that it can be exploited to do pretty much anything. Continue reading Multiple Vulnerabilities Identified in ‘Utterly Broken’ BHU Routers→

IOActive offers offensive security approach to risk assessment

Posted on July 28, 2016 by Help Net Security

IOActive launched its Advisory Services practice, offering strategic security consulting that leverages IOActive’s testing and research expertise to help customers better align their security programs with business objectives. While most risk management services are based primarily on legal, accounting, or audit/compliance pedigrees, IOActive is in a distinctive position to assess security programs from the perspective of actual attackers. The company’s offensive security experience provides insight to customers well before threats, countermeasures, and best practices make … More → Continue reading IOActive offers offensive security approach to risk assessment→

Clarke: Precedent-Seeking FBI Won’t Ask NSA to Unlock Phone

Posted on March 15, 2016 by Michael Mimoso

Former counterterrorism chief Richard A. Clarke told NPR questioned the FBI’s motivations in its debate against Apple over unlocking a terrorist’s iPhone. Continue reading Clarke: Precedent-Seeking FBI Won’t Ask NSA to Unlock Phone→