Category: Uncategorized


The final day of Pwn2Own Vancouver 2019 has come to a close, but not without some drama and intrigue. Continue reading

“Karta” (Russian for “map”) is a source code assisted binary matching plugin for IDA. The plugin was developed to match symbols for an open source library in a very large binary, usually a firmware file. For those who deal daily with firmware files, it’s a waste of time to have to repeatedly reverse net-snmp; there is a clear need for a tool to identify the used open sources, and automatically match their symbols in IDA. Continue reading

Semmle announced today that it has found a critical denial of service (DoS) vulnerability in the Fizz project, ­Facebook’s open source implementation of the transport layer security (TLS) protocol. Fizz is used to facilitate secure communications with web services, and is used on most of Facebook’s internal and external infrastructure. Continue reading

Audience

  • Patients with a Medtronic cardiac implantable cardioverter defibrillators (ICDs) or cardiac resynchronization therapy defibrillators (CRT-Ds)
  • Caregivers of patients with a Medtronic ICD or CRT-D
  • Cardiologists, electrophysiologists, cardiac surgeons, and primary care physicians treating or managing patients with heart failure or heart rhythm problems using a Medtronic ICD or CRT-D

Continue reading

Facebook employees were aware of concerns about“improper data-gathering practices” by Cambridge Analytica months before the Guardian first reported, in December 2015, that the political consultancy had obtained data on millions from an academic. The concerns appeared in a court filing by the attorney general for Washington DC and were subsequently confirmed by Facebook. Continue reading

The data attackers demanded ransom of Hydro to “unlock” their computer system. At the same time, a targeted attack on the user database for the industrial giant was carried out. 

Continue reading

This week Norsk Hydro, a large multinational manufacturer with 35,000 staff and over 100 years of history, had the nightmare scenario of a worldwide apparent ransom attempt — their systems began to malfunction, and attackers had placed the following ransom note on their business and some production systems across the world: Continue reading

Following the extensive cyber attack earlier this week, Hydro has made further progress in securing safe and stable operations across the company.

Continue reading

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. Continue reading

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. Continue reading