security hacks – Page 2 – WindowsTechs.com

This Week in Security: Zimbra, DNS Poisoning, and Perfctl

Posted on October 4, 2024 by Jonathan Bennett

Up first this week is a warning for the few of us still brave enough to host our own email servers. If you’re running Zimbra, it’s time to update, because …read more Continue reading This Week in Security: Zimbra, DNS Poisoning, and Perfctl→

MikroPhone – Open, Secure, Simple Smartphone

Posted on October 2, 2024 by Arya Voronova

Modern smartphones try and provide a number of useful features to their users, and yet, they’re not exactly designed with human needs in mind. A store-bought smartphone will force a …read more Continue reading MikroPhone – Open, Secure, Simple Smartphone→

Hacking Kia: Remotely Hijack a Car Using Only Its License Plate

Posted on September 27, 2024 by Maya Posch

These days everything needs to be connected to remote servers via the internet, whether it’s one’s TV, fridge or even that new car you just bought. A recently discovered (and …read more Continue reading Hacking Kia: Remotely Hijack a Car Using Only Its License Plate→

This Week in Security: Password Sanity, Tank Hacking, And The Mystery 9.9

Posted on September 27, 2024 by Jonathan Bennett

It looks like there’s finally hope for sane password policies. The US National Institue of Standards and Technology, NIST, has released a draft of SP 800-63-4, the Digital Identity Guideline. …read more Continue reading This Week in Security: Password Sanity, Tank Hacking, And The Mystery 9.9→

British Commuters Get Their WiFi Hacked

Posted on September 27, 2024 by Jenny List

As if there weren’t enough worrying global news stories already, today the British press and media have been full of a story involving the public WiFi networks at some major …read more Continue reading British Commuters Get Their WiFi Hacked→

This Week in Security: Open Source C2, Raptor Trains, and End to End Encryption

Posted on September 20, 2024 by Jonathan Bennett

Open Source has sort of eaten everything in software these days. And that includes malware, apparently, with open source Command and Control (C2) frameworks like Sliver and Havoc gaining traction. …read more Continue reading This Week in Security: Open Source C2, Raptor Trains, and End to End Encryption→

This Week in Security: Malicious Rollback, WHOIS, and More

Posted on September 13, 2024 by Jonathan Bennett

It’s time to talk about Microsoft’s patch Tuesday, and the odd vulnerability rollback that happened. CVE-2024-43491 has caught some attention, as it’s a 9.8 on the CVSS scale, is under …read more Continue reading This Week in Security: Malicious Rollback, WHOIS, and More→

This Week in Security: EUCLEAK, Revival Hijack, and More

Posted on September 6, 2024 by Jonathan Bennett

[Thomas Roche] of NinjaLab is out with EUCLEAK, (pdf) a physical attack against Infineon security microcontrollers, and the security tokens that contain them. The name is a portmanteau of Euclidean …read more Continue reading This Week in Security: EUCLEAK, Revival Hijack, and More→

This Week in Security: The Rest of the IPv6 Story, CVE Hunting, and Hacking the TSA

Posted on August 30, 2024 by Jonathan Bennett

We finally have some answers about the Windows IPv6 vulnerability — and a Proof of Concept! The patch was a single change in the Windows TCP/IP driver’s Ipv6pProcessOptions(), now calling …read more Continue reading This Week in Security: The Rest of the IPv6 Story, CVE Hunting, and Hacking the TSA→

This Week in Security: Three Billion SS Numbers, IPv6 RCE, and Ring -2

Posted on August 16, 2024 by Jonathan Bennett

You may have heard about a very large data breach, exposing the Social Security numbers of three billion individuals. Now hang on. Social Security numbers are a particularly American data …read more Continue reading This Week in Security: Three Billion SS Numbers, IPv6 RCE, and Ring -2→