A security expert discovered that a crafted PDF document that includes an embedded JPG2000 image can trigger a buffer overflow in the Chrome PDF reader. The security expert Aleksandar Nikolic from the Cisco Talos group has discovered an arbitrary code execution vulnerability (CVE-2016-1681) in PDFium, which is the PDF reader component installed by default in Google Chrome […]
China is ready to launch its first hack proof quantum communication satellite, are we entering a new era of telecommunications. Satellites have a crucial role in our digital society, almost every industry is benefiting from their services for this reason their security is a pillar of the cyber security strategy of governments worldwide. Attackers are posing […]
The potential of IoT devices connected over cloud networks is breathtaking, opening opportunities that will forever change societal culture. Itâs a buzzword that has been around the past decade and has often been portrayed in futuristic visions of a society where man and technology has integrated into one. The potential of IoT devices connected over cloud […]
Boffins released a paper describing how computer processors can be programmed to give elevated privileges to hackers and run fabrication-time attacks. A team of researchers from the University of Michigan recently released a paper describing how computer processors can be programmed to give elevated privileges to hackers. The paper titled, âA2: Analog Malicious Hardware,â describes […]
A study of Duo Security revealed that Lenovo Accelerator Application support tool contains a high-risk flaw that allows remote code execution. Once again bad news for Lenovo users, the company is informing them that the Lenovo Accelerator Application contains a high-risk vulnerability that could be exploited by hackers to remotely execute code on the machine and […]
Iran orders foreign social media and instant messaging companies to use servers in the country to store all data related to the Iranian citizens. The Iranian Government spends a significant effort for the Internet monitoring and control, its activities often lead to a concrete censorship. Last year the Government of Teheran has blocked Telegram and many other social networking companies due to […]
The independent researcher Maxim Rupp reported an unpatchable flaw in the ICS Environmental Systems Corporation (ESC) 8832 Data Controller. Vulnerable SCADA and industrial control systems represent the entry point in critical infrastructure for hacking attacks. In many cases, patch management of these systems is very complex and in some specific scenarios known flaws could not be fixed for various […]
According to the security firm High-Tech Bridge many of the Alexa Top 10,000 websites are still vulnerable to the OpenSSL flaw CVE-2016-2107. The CVE-2016-2107 flaw affecting the open-source cryptographic library could be exploited to launch a man-in-the-middle attack leveraging on the âPadding Oracle Attackâ that can decrypt HTTPS traffic if the connection uses AES-CBC cipher and the server supports AES-NI. According […]
Analyzing the data included in the Internet Crime Compliant Center – IC3 report 2015 recently issued by the Federal Bureau of Investigation. FBI released the Internet Crime Compliant Center – IC3 report of 2015 last week. During the last calendar year, IC3 received 288,012 complaints and 44 percent of them reported financial loss equal to […]
The US Computer Emergency Response Team has issued a warning after the discovery a security issue the popular medical application MEDHOST PIMS (PIMS). Many security experts believe that medical industry lack of a proper security posture, despite it is a high-tech sector the vast majority of medical equipment was not designed with a security by design […]