In addition to concerns about mass surveillance, the group also cited repeated incidents of internet censorship in which the Kazakh government has blocked access to communication, social media, and news services for hours at a time during political speeches, protests, and other controversial national events.
Jailbreaking allows iOS users to add apps and other functions that Apple wouldn't normally permit to their iPhones. "This is rather inexcusable, as it puts millions of iOS users at risk," says Patrick Wardle, principal security researcher at the Mac management firm Jamf.
Now 99 percent of all exported bananas are Cavendish—with almost all of them grown in Latin America.“What we’re having is an almost apocalyptic scenario where we’ll probably lose Cavendish as well,” says Sarah Gurr, Exeter University’s chair in food security.
Researchers from the security firm Pen Test Partners published findings this week that an attacker would just need a person's username to track them. A new vulnerability and corresponding exploit of Bluetooth could allow an attacker to determine the encryption keys used during device pairing and let themselves in on the party.
So four years ago, Facebook engineers began building a customized assessment tool that not only checks for known types of bugs but can fully scan the entire codebase in under 30 minutes—helping engineers catch issues in tweaks, changes, or major new features before they go live.
A Cure for Ebola, A Home-Speaker Cyberattack, and More News. A new drug is working to cure ebola, hackers figured out how to weaponize home-speakers, and tech is coming to the aid of migrants on the border.
But Matt Wixey, cybersecurity research lead at the technology consulting firm PWC UK, says that it’s surprisingly easy to write custom malware that can induce all sorts of embedded speakers to emit inaudible frequencies at high intensity, or blast out audible sounds at high volume.
At the Defcon hacker conference today, independent security researcher Pedro Cabrera showed off in a series of hacking proofs-of-concept attacks how modern TVs—and particularly Smart TVs that use the internet-connected HbbTV standard implemented in his native Spain, across Europe, and much of the rest of the world—remain vulnerable to hackers.
But with any of three different security flaws present across those apps—which Jmaxxz says he reported to the company and have since been fixed—he says he could have gained access to MyCar's database backend, letting him or a less friendly hacker pinpoint and steal any car connected to the MyCar app, anywhere in the world.
But at the DefCon security conference in Las Vegas on Saturday, researchers from the BlackBerry are presenting an attack that can intercept GSM calls as they're transmitted over the air and decrypt them to listen back to what was said.
But a group of security researchers told Motherboard this week they found what look like election infrastructure online in 10 states, including swing states like Wisconsin, Michigan, and Florida.
In Follett's software, Demirkapi says he found bugs that would have given a hacker access to student data like grade point average, special education status, number of suspensions, and passwords.
The agency hopes to use voting machines as a model system for developing a secure hardware platform—meaning that the group is designing all the chips that go into a computer from the ground up, and isn’t using proprietary components from companies like Intel or AMD.
Over the last two and a half years, Davis has found techniques to crack three different types of the Kaba Mas high-security electronic combination locks the company has sold for securing ATM safes, pharmacy drug cabinets, and even Department of Defense facilities, representing millions of locks around the world.
At the Defcon hacker conference in Las Vegas today, Caruana will give a talk on a very specific subgenre of that pastime: Phreaking elevator phones, the emergency call boxes legally mandated in every elevator in America, and largely left wide open to any caller who can determine their numbers.
Only three years ago did it suddenly shift its attitude towards security researchers, offering bounties as high as $200,000 to researchers who revealed some types of vulnerabilities in the iPhone .But even then, Apple's bug bounty program remained invite-only, open to only a select group of Apple's preferred and trusted researchers.
Povolny says that with the Avaya desk phones, it took only basic hacking skills to gain access to the device's systems and firmware (the foundational code that coordinates a device's hardware and software) and analyze them for flaws.
Lily Hay Newman covers information security, digital privacy, and hacking for WIRED.Nathan Hauke and David Renardy of the security firm Two Six Labs started looking for these "algorithmic complexity" issues in mainstream services, and quickly found them in PDF readers, remote desktop servers, and a popular password strength evaluation tool.
An attacker could potentially pivot, Santamarta says, from the in-flight entertainment system to the CIS/MS to send commands to far more sensitive components that control the plane's safety-critical systems, including its engine, brakes, and sensors.
Samsung revealed new Galaxy Note phones, a security researcher discovered vulnerabilities in the Boeing 787, and hackers can get into your phone with just a text message. Security researchers lifted the curtain on "interaction-less bugs" in Apple's iOS that would allow a hacker access to your phone without you doing anything at all.
Lily Hay Newman covers information security, digital privacy, and hacking for WIRED.Silvanovich, who worked on the research with fellow Project Zero member Samuel Groß, got interested in interaction-less bugs because of a recent, dramatic WhatsApp vulnerability that allowed nation-state spies to compromise a phone just by calling it—even if the recipient didn’t answer the call.
But at the Black Hat security conference in Las Vegas on Wednesday, Purdue University researcher Sze Yiu Chau has a warning for the security community about a different threat to encryption: vulnerabilities that were discovered more than a decade ago still very much persist today.
Security News This Week: Apple Contractors Will Stop Listening to Your Siri Recordings—For Now. Justin Sullivan. After a report in The Guardian detailed Apple's use of contractors to "grade" the recordings of Siri users, the company has said it will suspend the program.
The Guardian Firewall app runs in the background of an iOS device, and stymies data and location trackers while compiling a list of all the times your apps attempt to deploy them.
As the top-ranking Democrat on the Senate Intelligence Committee, Warner has long been a vocal proponent of new legislation to strengthen election protections, such as the Honest Ad Act, which would compel Silicon Valley firms to disclose when political ads are paid for by a foreign nation.