security hacks – Page 4 – WindowsTechs.com

This Week in Security: Filename Not Sanitized, MonikerLink, and Snap Attack!

Posted on February 16, 2024 by Jonathan Bennett

Reading through a vulnerability report about ClamAV, I came across a phrase that filled me with dread: “The file name is not sanitized”. It’s a feature, VirusEvent, that can be …read more Continue reading This Week in Security: Filename Not Sanitized, MonikerLink, and Snap Attack!→

Why Stealing a Car with Flipper Zero is a Silly Idea

Posted on February 16, 2024 by Maya Posch

In another regular installment of politicians making ridiculous statements about technology, Canada’s Minister of Innovation, Science and Industry, [François-Philippe Champagne], suggested banning Flipper Zero and similar devices from sale in …read more Continue reading Why Stealing a Car with Flipper Zero is a Silly Idea→

This Week in Security: Broken Shims, LassPass, and Toothbrushes?

Posted on February 9, 2024 by Jonathan Bennett

Linux has a shim problem. Which naturally leads to a reasonable question: What’s a shim, and why do we need it? The answer: Making Linux work wit Secure Boot, and …read more Continue reading This Week in Security: Broken Shims, LassPass, and Toothbrushes?→

Beating Bitlocker in 43 seconds

Posted on February 7, 2024 by Adam Fabio

How long does it take to steal your Bitlocker keys? Try 43 seconds, using less than $10 in hardware. Encrypting your hard drive is good security. If you’re running Windows, …read more Continue reading Beating Bitlocker in 43 seconds→

This Week in Security: Glibc, Ivanti, Jenkins, and Runc

Posted on February 2, 2024 by Jonathan Bennett

There’s a fun buffer overflow problem in the Glibc __vsyslog_internal() function. This one’s a real rollercoaster, because logging vulnerabilities are always scary, but at a first look, it seems nearly …read more Continue reading This Week in Security: Glibc, Ivanti, Jenkins, and Runc→

This Week in Security: MOAB, Microsoft, and Printers

Posted on January 26, 2024 by Jonathan Bennett

This week, news has broken of the Mother of All Breaches, MOAB. It’s 12 terabytes and 26 billion records, averaging about 500 bytes each. Now note that a record here …read more Continue reading This Week in Security: MOAB, Microsoft, and Printers→

This Week in Security: Gitlab, VMware, and PixeFAIL

Posted on January 19, 2024 by Jonathan Bennett

There’s a Gitlab vulnerability that you should probably pay attention to. Tracked as CVE-2023-7028, this issue allows an attacker to specify a secondary email during a the password reset request. …read more Continue reading This Week in Security: Gitlab, VMware, and PixeFAIL→

Breaking The Flash Encryption Feature Of Espressif’s Microcontrollers

Posted on January 16, 2024 by Maya Posch

Espressif’s ESP32 microcontrollers come with a Flash encryption feature that when enabled ensures that the data and code stored on the (usually external) Flash chip is encrypted with AES-256 (ESP32) …read more Continue reading Breaking The Flash Encryption Feature Of Espressif’s Microcontrollers→

This Week in Security: AI is Terrible, Ransomware Wrenches, and Airdrop

Posted on January 12, 2024 by Jonathan Bennett

So first off, go take a look at this curl bug report. It’s a 8.6 severity security problem, a buffer overflow in websockets. Potentially a really bad one. But, it’s …read more Continue reading This Week in Security: AI is Terrible, Ransomware Wrenches, and Airdrop→

This Week in Security: Bitwarden, Reverse RDP, and Snake

Posted on January 5, 2024 by Jonathan Bennett

This week, we finally get the inside scoops on some old stories, starting with the Bitwarden Windows Hello problem from last year. You may remember, Bitwarden has an option to …read more Continue reading This Week in Security: Bitwarden, Reverse RDP, and Snake→