security hacks – Page 3 – WindowsTechs.com

This Week in Security: EUCLEAK, Revival Hijack, and More

Posted on September 6, 2024 by Jonathan Bennett

[Thomas Roche] of NinjaLab is out with EUCLEAK, (pdf) a physical attack against Infineon security microcontrollers, and the security tokens that contain them. The name is a portmanteau of Euclidean …read more Continue reading This Week in Security: EUCLEAK, Revival Hijack, and More→

This Week in Security: The Rest of the IPv6 Story, CVE Hunting, and Hacking the TSA

Posted on August 30, 2024 by Jonathan Bennett

We finally have some answers about the Windows IPv6 vulnerability — and a Proof of Concept! The patch was a single change in the Windows TCP/IP driver’s Ipv6pProcessOptions(), now calling …read more Continue reading This Week in Security: The Rest of the IPv6 Story, CVE Hunting, and Hacking the TSA→

This Week in Security: Three Billion SS Numbers, IPv6 RCE, and Ring -2

Posted on August 16, 2024 by Jonathan Bennett

You may have heard about a very large data breach, exposing the Social Security numbers of three billion individuals. Now hang on. Social Security numbers are a particularly American data …read more Continue reading This Week in Security: Three Billion SS Numbers, IPv6 RCE, and Ring -2→

Can You Hack The RP2350? There’s $10,000 On The Line

Posted on August 12, 2024 by Lewin Day

The Raspberry Pi Foundation had their new RP2350 chip audited by Hextree.io, and now, both companies want to see if you can hack it. Just to prove that they’re serious, …read more Continue reading Can You Hack The RP2350? There’s $10,000 On The Line→

This Week in Security: GhostWrite, Localhost, and More

Posted on August 9, 2024 by Jonathan Bennett

You may have heard some scary news about RISC-V CPUs. There’s good news, and bad news, and the whole thing is a bit of a cautionary tale. GhostWrite is a …read more Continue reading This Week in Security: GhostWrite, Localhost, and More→

This Week in Security: EvilVideo, Crowdstrike, and InSecure Boot

Posted on July 26, 2024 by Jonathan Bennett

First up this week is the story of EvilVideo, a clever telegram exploit that disguises an APK as a video file. The earliest record we have of this exploit is …read more Continue reading This Week in Security: EvilVideo, Crowdstrike, and InSecure Boot→

Hacking an IoT Camera Reveals Hard-Coded Root Password

Posted on July 25, 2024 by Dan Maloney

Hacking — at least the kind where you’re breaking into stuff — is very much a learn-by-doing skill. There’s simply no substitute for getting your hands dirty and just trying …read more Continue reading Hacking an IoT Camera Reveals Hard-Coded Root Password→

This Week in Security: Snowflake, The CVD Tension, and Kaspersky’s Exit — And Breaking BSOD

Posted on July 19, 2024 by Jonathan Bennett

In the past week, AT&T has announced an absolutely massive data breach. This is sort of a multi-layered story, but it gives me an opportunity to use my favorite piece …read more Continue reading This Week in Security: Snowflake, The CVD Tension, and Kaspersky’s Exit — And Breaking BSOD→

Linksys Velop Routers Caught Sending WiFi Creds in the Clear

Posted on July 15, 2024 by Tom Nardi

A troubling report from the Belgian consumer protection group Testaankoop: several models of Velop Pro routers from Linksys were found to be sending WiFi configuration data out to a remote …read more Continue reading Linksys Velop Routers Caught Sending WiFi Creds in the Clear→

Undo Arduino Encryption with an Oscilloscope

Posted on July 14, 2024 by Elliot Williams

Cryptography ain’t easy. Seemingly small details like how many times a computationally intensive loop runs can give the game away. [Lord Feistel] gives us a demo of how this could …read more Continue reading Undo Arduino Encryption with an Oscilloscope→