Software called PrivDog has been unearthed with a similar Superfish-type vulnerability that breaks SSL connections.
Browsing Category: Vulnerabilities
Dennis Fisher and Mike Mimoso discuss their takeaways from the SAS 2015 conference, including the Equation Group APT analysis, hacking car washes, indexing the dark web and hacking home appliances.
In this video from last week’s Security Analyst Summit, HackerOne’s Katie Moussouris explains the main thing companies that want to start a bounty program or vulnerability incentive program need to know: There is no one size fits all.
Trey Ford from Project Sonar describes the group’s initiative at Kaspersky’s Security Analyst Summit. The Rapid 7 service scans public-facing networks for apps, software, and hardware, then analyzes that cache of information to gain insight to trends and common vulnerabilities.
Researcher Rob Graham has cracked the certificate password for Superfish adware pre-installed on Lenovo laptops.
Looking in one of the more obscure corners of the web, Billy Rios discovered how to hack automated car wash equipment.
Attackers have long used distributed denial of service attacks to knock domain-name servers offline but over the last several months malware creators have taken to using DNS requests to tunnel stolen data.
BadUSB-style attacks against industrial control systems are theoretically possible, but bear watching according to Michael Toecker today at the Security Analyst Summit.
Staffan Truve spoke Monday at the Kaspersky Analyst Summit about the efforts his company Recorded Future is taking to index the dark web, or what he called the underbelly.
CANCUN–Businesses, especially those in the financial sector, should operate under the assumption that data exfiltration either is or will soon happen in their organization. A lot like car insurance, end users should hope for the best and prepare for the worst, according to Wells Fargo’s Steve Adegbite, who spoke on the challenges of detecting silent[…]