Zip Slip Vulnerability Affects Thousands of Projects Researchers discovered a flaw in almost all zip-style file decompressors – RAR, TAR, 7ZIP-APK and others. The problem is caused by a very old attack vector called directory traversal that these libraries do not handle correctly. The decompressor libraries were likely downloaded from places like Github and Stack […]
Continue reading → [DISPLAY_ACURAX_ICONS]Israeli Startup Raises $12.5 Million to Help Governments Hack IoT Given the sad state of IoT security, I am not sure that governments need any help in hacking IoT devices, but just in case they do, Israeli startup Toka raised $12.5 million to help police hack iPhones, Alexas, Echos and Nests, along with other IoT […]
Continue reading → [DISPLAY_ACURAX_ICONS]Timehop Hack Compromises 21 Million Users In a bit of good news/bad news, the social media time capsule site Timehop said that it was hacked around July 4th, but that they interrupted the hack in progress. Still the hackers got usernames, passwords, email addresses, date of birth, gender, some phone numbers and other information for […]
Continue reading → [DISPLAY_ACURAX_ICONS]NSA Deleting All Call Detail Records (CDRs) Acquired Since 2015 While the NSA is not providing a lot of details about what went wrong, the NSA is saying that it is deleting all CDRs acquired since 2015 because of technical irregularities that resulted in it receiving data that, likely, would be illegal under the current […]
Continue reading → [DISPLAY_ACURAX_ICONS]The Supremes Say Warrant Required For Cell Data In a 5-4 decision last week, the Supremes said that the police should have gotten a search warrant before they asked for months worth of location data of a suspect. The suspect in a robbery case was tracked by the police – over 12,000 locations, over 127 […]
Continue reading → [DISPLAY_ACURAX_ICONS]Latest Cost Estimates For Equifax Breach is $439 Million According to recent (March) tax filings, costs related to their breach are now $439 million, making the Equifax breach the costliest in US history. Assuming insurance does pay, it would cover, at most, $125 million, leaving Equifax to write a check for $300 million plus. Given […]
Continue reading → [DISPLAY_ACURAX_ICONS]