23-gigabyte database had plain-text passwords, face images, and much more. Source: Found: World-readable database used to secure buildings around the globe
September 2, 2019
Screwed Drivers – Signed, Sealed, Delivered – Eclypsium
Download the PDF > Introduction Common Design Flaw In Dozens of Device Drivers Allows Widespread Windows Compromise As part of Eclypsium’s ongoing hardware and firmware security research, we have become increasingly interested in the area of insecure drivers and how they can be abused in an attack against a device.… Source: Screwed Drivers – Signed, Sealed, Delivered – Eclypsium
September 2, 2019
New Spectre-like CPU vulnerability bypasses existing defenses
The SWAPGS vulnerability can allow attackers to access contents of kernel memory addresses. Microsoft and Intel have coordinated on a mitigation. Source: New Spectre-like CPU vulnerability bypasses existing defenses
Source: Hitting the Books: How legendary hackers wound up working for the CIA
September 1, 2019
Teen Security Researcher Suspended for Exposing Vulnerabilities in His School’s Software
Another vulnerability that Bill Demirkapi found impacted 5,000 schools. Source: Teen Security Researcher Suspended for Exposing Vulnerabilities in His School’s Software