Latest Entries »

The final day of Pwn2Own Vancouver 2019 has come to a close, but not without some drama and intrigue. View full article »

“Karta” (Russian for “map”) is a source code assisted binary matching plugin for IDA. The plugin was developed to match symbols for an open source library in a very large binary, usually a firmware file. For those who deal daily with firmware files, it’s a waste of time to have to repeatedly reverse net-snmp; there is a clear need for a tool to identify the used open sources, and automatically match their symbols in IDA. View full article »

Semmle announced today that it has found a critical denial of service (DoS) vulnerability in the Fizz project, ­Facebook’s open source implementation of the transport layer security (TLS) protocol. Fizz is used to facilitate secure communications with web services, and is used on most of Facebook’s internal and external infrastructure. View full article »

Audience

  • Patients with a Medtronic cardiac implantable cardioverter defibrillators (ICDs) or cardiac resynchronization therapy defibrillators (CRT-Ds)
  • Caregivers of patients with a Medtronic ICD or CRT-D
  • Cardiologists, electrophysiologists, cardiac surgeons, and primary care physicians treating or managing patients with heart failure or heart rhythm problems using a Medtronic ICD or CRT-D

View full article »

Facebook employees were aware of concerns about“improper data-gathering practices” by Cambridge Analytica months before the Guardian first reported, in December 2015, that the political consultancy had obtained data on millions from an academic. The concerns appeared in a court filing by the attorney general for Washington DC and were subsequently confirmed by Facebook. View full article »

The data attackers demanded ransom of Hydro to “unlock” their computer system. At the same time, a targeted attack on the user database for the industrial giant was carried out. 

View full article »

This week Norsk Hydro, a large multinational manufacturer with 35,000 staff and over 100 years of history, had the nightmare scenario of a worldwide apparent ransom attempt — their systems began to malfunction, and attackers had placed the following ransom note on their business and some production systems across the world: View full article »

Following the extensive cyber attack earlier this week, Hydro has made further progress in securing safe and stable operations across the company.

View full article »

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. View full article »

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. View full article »