Ransomware contained and some systems have already been recovered.
ProtonMail was previously blocked in Russia in March this year for the same reason
Intel is removing drivers and BIOS updates for desktop components and motherboards released in the 90s and early 2000s.
Researchers have discovered and revealed 146 vulnerabilities in various incarnations of Android smartphone firmware. The vulnerabilities were found by scanning the phones of 29 different Android makers, and each is unique to a particular phone or maker. They were found using automatic tools, and it is extremely likely that many of the vulnerabilities are not exploitable -- making them bugs...
The bug bounty hunter who disclosed the issue says the bug is a prime example of DOM Clobbering.
The buffer overflow flow bug has been disclosed by Facebook.
Avast, the market's leader for the past five years, has fallen to #6.
China's top white-hat hackers have gathered in Chengdu to test zero-days against today's top software.
Hackers began hijacking accounts hours after Disney+ launched earlier this week.
Neat video, and an impressive-looking squid. I can't figure out how long it is. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here....
Really interesting research: TPM-FAIL: TPM meets Timing and Lattice Attacks, by Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger. Abstract: Trusted Platform Module (TPM) serves as a hardware-based root of trust that protects cryptographic keys from privileged system and physical adversaries. In this work, we per-form a black-box timing analysis of TPM 2.0 devices deployed on commodity computers. Our...
Low detection rates and the drop of not one, but two Trojans, spells trouble.
Hundreds of thousands of dollars in cryptocurrency was allegedly pilfered from victim wallets.
In what looks to be the Chrome team's biggest misstep, companies report massive outages caused by unannounced Chrome experiment.
Fourteen companies unite get together to search, find, and fix security flaws in GitHub-hosted open source projects.
Travelers should use only AC charging ports, use USB no-data cables, or "USB condom" devices.
This is a current list of where and when I am scheduled to speak: I'm speaking on "Securing a World of Physically Capable Computers" at the Indian Institute of Science in Bangalore, India on December 12, 2019. The list is maintained on this page....
Disclosure of new Zombieload v2 vulnerability prompts OS makers to react with ways to disable Intel's TSX technology.
Technologists and policymakers largely inhabit two separate worlds. It's an old problem, one that the British scientist CP Snow identified in a 1959 essay entitled The Two Cultures. He called them sciences and humanities, and pointed to the split as a major hindrance to solving the world's problems. The essay was influential -- but 60 years later, nothing has changed....