Collaborate Disseminate
By now it’s probable that most readers will have heard about LastPass’s “Security Incident“, in which users’ password vaults were lifted from their servers. We’re told that the vaults are …read more Continue reading The Problem With Passwords
The ubiquity of ransomware continues, this time with The Guardian announcing they were partially shut down from an attack. Staff are working from home as the incident is being investigated …read more Continue reading This Week in Security: Adblock for Security, ProxyNotShell Lives, and CVSS 10 to Not Worry About
With the proliferation of biometric access to mobile devices, entering a password on your desktop can feel so passé. [Snazzy Labs] decided to fix this problem for his Mac by …read more Continue reading Standalone Touch ID for Your Desktop Mac
Regular readers may recall that security researcher and general open source hardware fanatic [Walker] has been planning a rather unusual flash drive for some time — one that will only …read more Continue reading The Spit-Detecting USB Flash Drive is Nearly Here
It should be no surprise that running untrusted code in a GitHub Actions workflow can have unintended consequences. It’s a killer feature, to automatically run through a code test suite …read more Continue reading This Week in Security: GitHub Actions, SHA-1 Retirement, and a Self-Worming Vulnerability
In what’s being described as a Humpty-Dumpty incident, Rackspace customers have lost access to their hosted Exchange service, and by extension, lots of archived emails. The first official word of …read more Continue reading This Week in Security: Rackspace Falls Over, Poison Ping, and the WordPress Race
A modchip is a small PCB that mounts directly on a larger board, tapping into points on that board to make it do something it wasn’t meant to do. We’ve …read more Continue reading A Modchip To Root Starlink User Terminals Through Voltage Glitching
Cryptographic coprocessors are nice, for the most part. These are small chips you connect over I2C or One-Wire, with a whole bunch of cryptographic features implemented. They can hash data, …read more Continue reading Defeating A Cryptoprocessor With Laser Beams
Imagine a movie featuring a scene set in a top-secret bioweapons research lab. The villain, clad in a bunny suit, strides into the inner sanctum of the facility — one …read more Continue reading Sick Beats: Using Music and Smartphone to Attack a Biosafety Room
What’s a Scramblepad? It’s a type of number pad in which the numbers aren’t in fixed locations, and can only be seen from a narrow viewing angle. Every time the …read more Continue reading Scramblepad Teardown Reveals Complicated, Expensive Innards