Browsing Category: Videos

Facebook Patches OAuth Authentication Vulnerability

Social media supersite Facebook has fixed a vulnerability that could have allowed a hacker to access a user’s account simply by getting them to click through to a specially crafted website. The flaw essentially mimicked the functionality of an authentic Facebook application without actually installing an application to their profile.


Samsung Smart TV Bug Allows Remote Access, Root Privileges

Categories: Hacks, Videos, Vulnerabilities

It turns out that some smart TVs are a little too smart for their own good–and the good of users. Some specific models of Samsung TVs that have Wi-Fi and other advanced capabilities have a flaw that enables an attacker to take a variety of actions on the TV, including accessing potentially sensitive data, remote files and information, the drive image and eventually gain root access to the device.


Video: Locking Down iOS

Considering the rapid  proliferation of smartpones and tablets and the vast wealth of personal and financial data many of us store on them, it is increasingly important that we find ways of securing our mobile devices. With that in mind, we decided there was no better way to kick-off a series of security tutorials than with a short step by step video explaining simple ways of securing your iOS device.


Honeynet Project Launches ‘Ghost’ To Snare USB Malware

The Honeynet Project launched a new project Thursday that is designed to snare malware that spreads by infecting removable USB (universal serial bus) storage drives, citing the increased reliance of malicious programs on portable drives to move from computer to computer.


Common Firewall Feature Enables TCP Hijacking Attacks

Attackers using a feature that is common to many firewalls, switches and other networking gear could silently hijack Web sessions on mobile and desktop devices, according to a research paper presented by two Ph.D students from the University of Michigan.


Interview: Android Engineered To Enable Data Harvesting

[img_assist|nid=10979|title=Paul Brodeur|desc=|link=none|align=right|width=100|height=100]We wrote yesterday about research by Paul Brodeur of Leviathan Security Group on security weaknesses that are built into Google’s Android mobile operating system. Brodeur was able to show, using a proof of concept application, that Android applications without any permissions can still access files used by other applications, including which applications are installed and a list of any readable files used by those applications. In this question and answer session, Brodeur corresponds with Threatpost about his ongoing work studying the Android operating system, and how a combination of loose application coding and insecure design makes Google’s Android a boon for advertisers and others who want to harvest data on mobile users.* 


Video: Expert Proves Stuxnet’s Link To Iran Nuclear Facilities

When Ralph Langner, an independent security researcher, presented his analysis of specialized code used by the Stuxnet worm to an audience of his peers at the S4 Conference in Miami last month, it was a chance to get down in the weeks with one of the world’s top experts on Stuxnet and threats to industrial control system.


Game On: Gamma Ray Scanners To Guard ‘Most Technologically Secure’ Super Bowl Ever

Categories: Videos, Vulnerabilities

[img_assist|nid=10620|title=|desc=|link=popup|align=left|width=100|height=67]Gamma ray scanners? Night vision cameras? bomb-proof manhole covers? G-Men? It must be Super Bowl time again, and Marion County, Indiana says that they’ve gone where no other municipality has gone before: a permanent, $18 million regional operation center (yes – ROC) that will manage security at the Big Game.