CVE-2015-3842 is a new flaw affecting the Android mediaserver, which can be exploited to perform attacks involving arbitrary code execution. The problems for Android users continue, a long serie of vulnerabilities has been discovered by the experts in the last weeks, Stagefright, zero-day zero-day deserialization, and Certifi-Gate are the names of some of the flaw recently […]
The ICS-CERT has recently published six security advisories to warn organizations about a number of 0-day flaws in SCADA systems. The ICS-CERT has published six advisories to warn organizations about the presence of Zero-Day Flaws in SCADA Systems. Aditya K. Sood, security researcher at Elastica, has revealed in a talk at the Def Con 2015 conference several vulnerabilities […]
By Exploiting a flaw in the SS7 protocol hackers can access every conversation and text message mobile users send from everywhere in the world. Hackers can spy on every mobile phone user wherever it is. Channel Nine’s 60 Minutes has revealed the existence of a security hole in modern telecommunication systems that could be exploited by […]
An Italian security researcher has discovered two zero-day vulnerabilities in Apple MAC OS X that could be exploited to gain remote access to a PC. An Italian teenager, Luca Todesco, has found a couple of critical zero-day vulnerabilities in Apple OS X operating system that could be exploited to gain remote access to a PC. The […]
Kaspersky sustains the Reuters’s story on Antivirus false positives is based on information provided by anonymous former KL employees which are not reliable Some days ago, Reuters published a story about Kaspersky revealing that the Russian company was creating malicious codes to give them an upper hand against their direct competitors. Eugene Kaspersky in the […]
Security researchers discovered a new technique to exploit BitTorrent to run powerful DDoS amplification attacks that could bring down great websites. A weaknesses in the open BitTorrent protocol makes some of the most widely used BitTorrent applications, including uTorrent, Mainline, and Vuze vulnerable to a form of denial of service attack. The form of DDoS […]
While the Ownstar attack has been fixed by GM, the same flaw affects also BMW Remote, Mercedes-Benz mbrace, and Chrysler Uconnect apps. Recently I wrote about the OwnStar attack presented by the popular hacker Samy Kamkar, a new gadget designed by the expert that could be exploited to hack GM Cars. The tool developed by Kamkar allows to locate […]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from the best sources free for you in your email box. ZigBee-sniffing drone used to map online Internet of Things RollJam, a $30 device to unlock the majority of car doors Tesla tech top dog downs slug of Scotch, increases […]
Two security researchers at the recent Def Con conference presented the results of their studies on hacking Parrot drones. Â Their findings are surprising. At the recent Def Con conference in Las Vegas, security experts demonstrated in two different talks how to exploit vulnerabilities in commercial drones manufactured by Parrot. In one of the attacks, the […]
MWR Labs have disclosed information on an unpatched vulnerability that allows an attacker to easily bypass the Android sandbox. Other problems for the popular Android OS, after the discovery of the Stagefright vulnerabilities and other security flaws recently revealed by security researchers, now experts at MWR Labs have disclosed information on an unpatched vulnerability that allows […]