category
Blackhat

Rakshasa hardware backdooring: the demon that can't be exorcized?

Jonathan Brossard describes an ‘undetectable, unremovable’ attack on firmware through gimmicked hardware or a subsequent malware attack. David Harley isn’t convinced.

Apache/PHP web access holes – are your .htaccess controls really safe

If your organization’s website runs on Apache, and many do, you might wonder if the webserver’s .htaccess controls are securely configured. If you believe the demo we saw yesterday at Blackhat by Matias Katz and Maximiliano Soler, the answer is a resounding ‘NO!’ What Katz and Soler described in their session is not some rare

SCADA attacks gone crazy

SCADA, a network-enabled setup for controlling infrastructure, is hitting the headlines in force for falling victim to cyber scammers. There have been several incidents of unauthorized access to Supervisory Control and Data Acquisition (SCADA) systems recently, from guessing simple passwords, to full-on spear phishing attacks against a hardware vendor, which were then used to access

Soup, Security Expertise and the Hypocritical Oath

If Tanji’sarticle makes you more sceptical of those of us who pollute the blogosphere with our own opinions, that’s a Good Thing.

Putting your money where your pancreas is…

I’m a believer in responsible disclosure. But…

U.S. standards agency warns energy producers of cyber attacks

The North American Electric Reliability Corporation’s (NERC) newly formed Cyber Attack Task Force will “consider the impacts of a coordinated cyber attack on the reliability of the bulk power system”, in a proactive effort to increase providers’ readiness for new waves of potential nastiness. Recently, there has been a flurry of activity surrounding efforts to

Blackhat: breaking SMS – war texting

If you could use texting to break networks, what could you do? Well, Don Bailey, with ISEC Partners, in his talk today at Blackhat, muses that you could break a lot, driving around and dropping in on various networks as you saw fit. Well, really his proof-of-concept collection of tools is aimed at educating mobile

Dangerous Zips + Responsible Disclosure

Mario Vuksan, Tomislav Pericin and Brian Karney have been talking…about vulnerabilities they’ve found in various compression formats … as well as their potential for steganographical use or misuse…. Perhaps the main problems here will not be technical vulnerabilitiese but careless users and social engineering attacks.

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.