security hacks – Page 23 – WindowsTechs.com

Lift the Veil On RSA With This RSA Calculator

Posted on July 9, 2022 by Arsenijs Picugins

Screenshot of the RSA calculator, showing the fields that you can fill into and the results as they propagate through the calculation

Encryption algorithms can be intimidating to approach, what’s with all the math involved. However, once you start digging into them, you can break the math apart into smaller steps, and …read more Continue reading Lift the Veil On RSA With This RSA Calculator→

This Week in Security:Breaking CACs to Fix NTLM, The Biggest Leak Ever, and Fixing Firefox by Breaking It

Posted on July 8, 2022 by Jonathan Bennett

To start with, Microsoft’s June Security Patch has a fix for CVE-2022-26925, a Man-In-The-Middle attack against NTLM. According to NIST, this attack is actively being exploited in the wild, so …read more Continue reading This Week in Security:Breaking CACs to Fix NTLM, The Biggest Leak Ever, and Fixing Firefox by Breaking It→

Unlock Any (Honda) Car

Posted on July 8, 2022 by Arsenijs Picugins

A Honda car behind a gate, with its turn signals shown blinking as it's being unlocked by a portable device implementing the hack in question. Text under the car says "Rolling Pwned".

Honda cars have been found to be severely vulnerable to a newly published Rolling PWN attack, letting you remotely open the car doors or even start the engine. So far …read more Continue reading Unlock Any (Honda) Car→

This Week in Security: Zimbra RCE, Routers Under Attack, and Old Tricks in WebAssembly

Posted on July 1, 2022 by Jonathan Bennett

There’s a problem in the unrar utility, and as a result, the Zimbra mail server was vulnerable to Remote Code Execution by simply sending an email. So first, unrar is …read more Continue reading This Week in Security: Zimbra RCE, Routers Under Attack, and Old Tricks in WebAssembly→

This Week in Security: IoT In the Hot Tub, App Double Fail, and FreeBSD BadBeacon

Posted on June 24, 2022 by Jonathan Bennett

[Eaton Zveare] purchased a Jacuzzi hot tub, and splurged for the SmartTub add-on, which connects the whirlpool to the internet so you can control temperature, lights, etc from afar. He …read more Continue reading This Week in Security: IoT In the Hot Tub, App Double Fail, and FreeBSD BadBeacon→

HDMI Is An Attack Surface, So Here’s An HDMI Firewall

Posted on June 22, 2022 by Jenny List

Many years of using televisions, monitors, and projectors have conditioned us into treating them as simple peripherals whose cables carry only video. A VGA cable may have an i2c interface …read more Continue reading HDMI Is An Attack Surface, So Here’s An HDMI Firewall→

Build Your Own Two-Factor Authenticator With Good USB

Posted on June 18, 2022 by Lewin Day

Two-factor authentication is becoming the norm for many applications and services, and security concerns around phone porting hacks are leading to a phaseout of SMS-based systems. Amidst that backdrop, [Josh] …read more Continue reading Build Your Own Two-Factor Authenticator With Good USB→

Your Building’s RFID Access Tags Might Be Really Insecure

Posted on June 18, 2022 by Lewin Day

[Gabe Schuyler] had a frustrating problem when it came to getting into his building’s garage. The RFID access system meant he had to remove his gloves while sitting on his …read more Continue reading Your Building’s RFID Access Tags Might Be Really Insecure→

This Week in Security: Pacman, Hetzbleed, and The Death of Internet Explorer

Posted on June 17, 2022 by Jonathan Bennett

There’s not one, but two side-channel attacks to talk about this week. Up first is Pacman, a bypass for ARM’s Pointer Authentication Code. PAC is a protection built into certain …read more Continue reading This Week in Security: Pacman, Hetzbleed, and The Death of Internet Explorer→

This Week in Security: For The Horde, Feature Not a Bug, and Confluence

Posted on June 10, 2022 by Jonathan Bennett

If you roll way back through the history of open source webmail projects, you’ll find Horde, a groupware web application. First released in 1998 on Freshmeat, it gained some notoriety …read more Continue reading This Week in Security: For The Horde, Feature Not a Bug, and Confluence→