Thursday, March 26th, 2015
DLL hijacking is an attack that makes applications load malicious dynamic link libraries instead of the intended -- clean and legit -- library on a Windows system.
Programs that don't specify paths to libraries are vulnerable to DLL hijacking as Windows uses a priority based search order in this case to ...
Posted in Internet, Security, Windows | No Comments
Tuesday, March 24th, 2015
There is no such thing as perfect security. Given enough knowledge, resources, and time any system can be compromised. The best you can do is to make it as difficult for an attacker as possible. That said there are steps you can take to harden your network against the vast ...
Posted in Hardware, Internet, Privacy, Security | No Comments
Friday, March 20th, 2015
Security researchers nabbed $552,500 in bounties at this year's Pwn2Own hacking contest, demonstrating exploits against the top four Web browsers, plus Adobe Reader and Flash Player.
On Thursday, the second and final day of the competition, the star of the show was South Korean security researcher JungHoon Lee, aka "lokihardt," who ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, March 3rd, 2015
On Tuesday, March 3, 2015, researchers disclosed a new SSL/TLS vulnerability — the FREAK attack. The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptogrpahy, which can then be decrypted. There are several posts that discuss the attack in detail: ...
Posted in Internet, Privacy, Security | No Comments
Saturday, February 28th, 2015
In case you needed yet another reason to change the default username and password on your wired or wireless Internet router: Phishers are sending out links that, when clicked, quietly alter the settings on vulnerable routers to harvest online banking credentials and other sensitive data from victims.
Sunnyvale, Calif. based security firm Proofpoint said it recently ...
Posted in Hardware, Internet, Security | No Comments