vulnerabilities Archives | Page 5 of 130

Tag: vulnerabilities

We talk with PAS Global about a Chatham House report on the hacking risk to nuclear weapons.

Episode 79: Hackable Nukes and Dissecting Naughty Toys

January 15, 2018 by Paul

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s Security Ledger Podcast episode, the UK -based policy think tank Chatham House warned last week that aging nuclear weapons systems in the U.S., the U.K. and other nations are vulnerable to cyber attacks that could be used to start a global conflagration. We talk with Eddie Habbibi of PAS Global about what can be done to secure hackable nukes. Also: with CES raging in Las Vegas last week, we go deep with security researcher Jay Harris on flaws in connected toys being sold to children.

Continue Reading →

SinVR, a company offering adult-themed virtual reality games, exposes data on thousands of customers via a leaky desktop application, according to researchers at the firm Digital Interruption.

Adult Themed Virtual Reality App spills Names, Emails of Thousands

January 12, 2018 by Paul

Thousands of users of an adult virtual reality application risk having their personal information, including names and email addresses exposed, according to researchers in the UK.

Continue Reading →

Researchers: SCADA Mobile Apps Continue to Have ‘Shocking’ Number of Vulnerabilities

January 11, 2018 by Elizabeth Montalbano

Despite their availability on mobile networks and thus increased exposure to outside security threats, SCADA apps remain highly insecure and vulnerable to attack, putting critical industrial control systems at immediate and increased risk, researchers at IOActive and Embedi have found.

Continue Reading →

Will a data war erupt between the EU and US over security and privacy protections? That's one prediction that Paul Rosenzweig of Lawfare blog makes for 2018.

Episode 78: Meltdown and Spectre with Joe Unsworth of Gartner and will GDPR spark a Data War in 2018?

January 8, 2018 by Paul

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s Security Ledger podcast, Joe Unsworth has been covering the semiconductor space for Gartner for 15 years, but he’s never seen anything like Meltdown and Spectre, the two vulnerabilities that Google researchers identified in a wide range of microprocessors. In this podcast, Joe comes in to talk with us about what the flaws will mean for major chip vendors. Also: we kick off 2018 with a pair of predictions for the New Year from two of the smartest guys in the information security business. Lawyer and Lawfare blogger Paul Rosenzweig speaks with us about the year ahead including the possibility of a data war between the US and the EU. Also: Experian VP for Consumer Protection Mike Bruemmer comes in to talk to us about that company’s Data Breach Industry Forecast for 2018.

Continue Reading →

Google details CPU flaws, claims AMD, ARM and Intel all affected

January 4, 2018 by Paul

Google has come forward to claim responsibility for discovering a pair of serious security holes in Intel processors that run almost 9 in 10 computers in the world. And worse: the company has echoed a statement by Intel yesterday that the flaws are not specific to that company’s chips. Contrary to published reports, a blog post on the Google Security Blog by Matt Linton, a Senior Security Engineer at Google and Pat Parseghian, a Technical Program Manager said that flaws dubbed “Specter” (PDF) and “Meltdown” (PDF) are not limited to chips by Intel, but exist in central processing unit (CPU) chips by a wide range of vendors including Intel, AMD and ARM. Google discovered the flaws The flaws were discovered by Jann Horn, a researcher for Google’s Project Zero security team, discovered the flaw and showed how malicious actors could game a common CPU feature known as “speculative execution” to […]

Continue Reading →