+44 (0)203 88 020 88

Menu

Search

News

coinbase cryptocurrency

Ethereum Classic hack raises blockchain questions

51% Attack succeeds and over $1million Ethereum Classic is double spent The cornerstone design assumption in blockchain systems such as Bitcoin and Ethereum is that there is a large community pool of honest participants who mutually concur and authenticate blockchain events.  Page 3 of Satoshi Nakamoto’s original whitepaper titled: “Bitcoin: A Peer-to-Peer Electronic Cash System” […]

Ethereum Classic hack raises blockchain questions Read More »

microchip vulnerability

Vulnerability in Wifi Chip used in Microsoft, Samsung and Sony devices allows zero click remote code execution  

Security research firm Embedi has recently published a report on the Marvell Avastar Wifi chip used in many devices including Microsoft Surface and Surface Pro, Samsung Chromebooks and some Samsung phones and the Sony Playstation 4 to name but a few. The flaw in Marvell’s implementation of the ThreadX operating system running on the Wifi

Vulnerability in Wifi Chip used in Microsoft, Samsung and Sony devices allows zero click remote code execution   Read More »

chromecast vulnerability upnp

Chromecast design flaw exposes digital signage screens to takeover

A recent publicity stunt promoting YouTube scoundrel pewdiepie has brought attention to a design flaw in Google Chromecast devices and smartTVs that embed the Chromecast technology.  By default, the Chromecast device will attempt to use Universal Plug and Play if it is enabled on the network router in order to open a port on the

Chromecast design flaw exposes digital signage screens to takeover Read More »

svg phishing attack fonts

New Phishing techniques avoid detection with fake web fonts

Endpoints and security gateway appliances use a variety of techniques to attempt to identify Phishing websites that are trying to steal login credentials from unsuspecting users. A typical phishing website may appear to the average human to be a login page for a well-known service, such as Gmail, Dropbox or your cloud-hosted ERP system.  Users

New Phishing techniques avoid detection with fake web fonts Read More »

ipmi server management

Server IPMI remote management cards used as ransomware attack vector

Many servers make use of Intel’s Intelligent Platform Management Interface (IPMI) cards. These allow system administrators to access and remotely manage the server; including, changing BIOS settings, rebooting the server and providing an out-of-band login to the local system console. The IPMI can be built into the motherboard or can be added later and is supported

Server IPMI remote management cards used as ransomware attack vector Read More »

microsoft patch tuesday december

Death by PowerPoint and other vulnerabilities

Microsoft’s December 2018 patch Tuesday release includes fixes for several critical vulnerabilities including one in PowerPoint which affects all versions since PowerPoint 2010. The PowerPoint bug (CVE-2018-8628) would allow an attacker to create a specially-crafted file, which when opened by PowerPoint, would enable the attacker to run arbitrary code as the logged-in user.   According to

Death by PowerPoint and other vulnerabilities Read More »

sennheiser headphones vulnerability

Sennheiser headphone bug highlights certificate vulnerability

A recent vulnerability in Sennheiser’s headphone management utility illustrates the risk of unexpected additions to the Microsoft windows certificate store. During installation, the Sennheiser software installed a self-signed root certificate into the computer’s trusted root CA certificate store. A copy of the certificates’ private key was also copied into application’s installation directory.  Security research firm

Sennheiser headphone bug highlights certificate vulnerability Read More »

data breach marriott hotels

World’s second largest data breach hits Marriott customers

Half a billion user accounts stolen over four years On 8th September 2018, Marriott hotels noticed a security alert concerning an attempt to access the Starwood Hotels reservation database which the hotel chain had purchased back in 2016. Recent investigations have revealed that the attackers had access to the Starwood systems and database since 2014,

World’s second largest data breach hits Marriott customers Read More »

meltdown spectre vulnerability

Meltdown and Spectre – it’s not over yet!

Meltdown and Spectre are a family of security attacks that operate at the hardware-level of modern processors. Some of the attack variants have supposedly been mitigated by microcode and BIOS patches issued by the processor vendors; however, new research published by Cornell University reveals several new attack vectors and the report suggests that the previously-issued

Meltdown and Spectre – it’s not over yet! Read More »

0

No products in the basket.

No products in the basket.