Collaborate Disseminate
No. 4 global phone maker, Xiaomi, preinstalled a security app called ‘Guard Provider’ that had a major flaw. Continue reading This Preinstalled Mobile Security App Delivered Vulnerabilities, Not Protection
There was a shocking turn of events in crypto-world. Continue reading Reddit Gold: Alice and Bob, Caught in a Web of Lies
A friend of mine offered me a Lenovo Watch X – which costs around €60 – in return for helping him with a security project. I was impressed with the design and the quality of the watch. Of course, I also immediately wanted to test its … Continue reading Your Lenovo Watch X Is Watching You & Sharing What It Learns
The laptop giant will settle a 32-state class-action lawsuit stemming from pre-installing vulnerable ad-targeting software. Continue reading Lenovo Ordered to Pay $7.3M in Superfish Fiasco
Turla, also known as Venomous Bear, Waterbug, and Uroboros, may be best known for what was at the time an “ultra complex” snake rootkit focused on NATO-related targets, but their malware set and activity is much broader. Our current focus is on more recent and upcoming activity from this APT. Continue reading Shedding Skin – Turla’s Fresh Faces
The number one source of TLS/SSL Man in the Middle (MitM) attacks on encrypted mobile traffic are not corporate firewalls or captive portals used by hotels, airports and other organizations offering free Wi-Fi access – it’s spyware. “A big chunk … Continue reading Who’s trying to eavesdrop on your customers’ encrypted mobile traffic?
The attack targets IKE’s handshake implementation used for IPsec-based VPN connections, opening the door for MiTM attacks or for bad actors to access data carried in VPN sessions. Continue reading Researchers Break IPsec VPN Connections with 20-Year-Old Protocol Flaw
The glitch stems from a functionality intended to allow updates to the UEFI firmware. Continue reading Update Mechanism Flaws Allow Remote Attacks on UEFI Firmware
The growing popularity of car sharing services has led some experts to predict an end to private car ownership in big cities. But information security specialists have started raising some pertinent questions: how are the users of these services protected and what potential risks do they face in the event of unauthorized access to their accounts? Continue reading A study of car sharing apps
By Waqas
The Bluetooth flaw also opens door to a man-in-the-middle attack. The IT security researchers at Israel Institute of Technology have discovered a critical security vulnerability in some implementations of the Bluetooth standard in which not al… Continue reading Update your devices: New Bluetooth flaw lets attackers monitor traffic