Security News > 2020 > July

With world+dog on Zoom these days, news of a zero-day attack against the videoconferencing app would cause a stir, but relax - it's only if you're on Windows 7 or older. An independent researcher told ACROS Security about the flaw that would allow for remote code execution on any Zoom Client for Windows used by Windows 7, even with extended support after the OS was shuttered in January.

Roughly five hours after an internal email went out Friday to Amazon employees telling them to delete the popular video app TikTok from their phones, the online retailing giant appeared to backtrack, calling the ban a mistake. U.S. Secretary of State Mike Pompeo said this week that the government was "certainly looking" at banning the app, setting off confused and irritated posts as well as jokes by TikTok users.

A personal account of someone who was paid to buy products on Amazon and leave fake reviews. Fake reviews are one of the problems that everyone knows about and no one knows what to do about, so we all try to pretend it doesn't exist.

In May 2019, Flashpoint CEO Josh Lefkowitz shared in SecurityWeek tips for evaluating threat intelligence vendors that cover the deep and dark web. I wanted to look at the entire threat intelligence space and provide some thoughts on how to evaluate the best vendors for you.

HITB Lockdown 002 will feature a number of hands-on technical trainings, taking place July 20-23, 2020. 2-day trainings: Advanced ICS Hacking. Trainer: Yamila Levalle (Security Researcher, Dreamlab...

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

Security researchers have discovered backdoors impacting a total of 29 Fiber-To-The-Home Optical Line Terminal devices from Chinese vendor C-Data. Security researchers Pierre Kim and Alexandre Torres discovered that the FD1104B and FD1108SN OLTs are impacted by several vulnerabilities, including a telnet server accessible from both the WAN and the FTTH LAN interfaces.

In 1965, Gordon Moore published a short informal paper, "Cramming more components onto integrated circuits". Based on not much more than these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

This is accomplished by tracking down every digital certificate deployed across the organization and capturing details including algorithms and their size, the type of hashing/signature, validity period, where it's located and how it can be used. Once you have a complete inventory, you'll then need to identify the vulnerable certificates by the type of cryptography in use and look for anomalies and potential problems.