An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with…
Category: Security
Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways | ZDNet
The username and password (zyfwp/PrOw!aN_fXp) were visible in one of the Zyxel firmware binaries. Read more…
‘A moment of reckoning’: Microsoft’s president sounds a dire warning after the SolarWinds cyberattack
Brad Smith called for a global response to what he described as a threat to critical…
Facebook tracks ‘OceanLotus’ hackers to IT firm in Vietnam
Cybersecurity investigators at Facebook have traced a hacking group long suspected of spying on behalf of…
iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever
Before Apple patch, Wi-Fi packets could steal photos. No interaction needed. Over the air. Read more…
A Bluetooth attack can steal a Tesla Model X in 90 seconds
Tesla is introducing a patch for the vulnerabilities after a researcher demonstrated problems in the car’s…
Security researcher accidentally discovers Windows 7 and Windows Server 2008 zero-day | ZDNet
The vulnerability was discovered while the security researcher was working on a Windows security tool. Read…
LidarPhone attack converts smart vacuums into microphones | ZDNet
LidarPhone attack works by converting a smart vacuum’s LiDAR navigational component into a laser microphone. Read…
New tool automates phishing attacks that bypass 2FA | ZDNet
Trust in two-factor authentication has slowly eroded in the last month after release of Amnesty International…
Jailbreak iPhone 12 Pro under iOS 14.2 successfully completed – Galus Australis
Jailbreaking the iPhone 12 Pro on iOS 14.2 is already a reality. It’s the work of…
CERT/CC launches Twitter bot to give security bugs random names | ZDNet
CERT/CC attempts to reduce the use of sensationalized vulnerability names that needlessly scare software users. Read…
samyk/slipstream
NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine,…
It’s 2020 and a rogue ICMPv6 network packet can pwn your Microsoft Windows machine
Redmond urges folks to apply update ASAP – plus more fixes for Outlook and software from…
The Nvidia Geforce RTX 3090 is very good at cracking passwords and that’s bad news
Yet another reason to use strong, complex passwords Read more at TechRadar…
A powerful iPhone jailbreak also cracks Apple’s Mac security chip
The Checkm8 vulnerability, which could jailbreak generations of iPhones, has now been used against the company’s…
How AI will automate cybersecurity in the post-COVID world
As cybercrime is becoming more lucrative and more automated, we’re going to have to depend on…
Facebook open-sources Opacus, a PyTorch library for differential privacy
Facebook’s Opacus is a library for training PyTorch models with differential privacy that’s ostensibly more scalable…
New P2P botnet infects SSH servers all over the world
Botnet is hard to detect and with no centralized control server, harder to take down. Read…
China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI | ZDNet
The block was put in place at the end of July and is enforced via China’s…
‘BootHole’ Secure Boot Threat Found In Most Every Linux Distro, Windows 8 And 10
A high-rated security vulnerability in the Secure Boot function of the majority of laptops, desktops, workstations…