Explanation of how a one-line change in the Windows 10 kernel enabled a sandbox escape in Chrome/Edge/Firefox
6
votes
Showing only topics with the tag "security".
Back to normal view
-
-
Multiple vulnerabilities affecting the default Mail application on iOS since at least January 2018, with evidence of being exploited in targeted attacks
10 votes -
Is Border Gateway Protocol safe yet? No
4 votes -
US Department of Homeland Security attempts military surveillance of the Canadian border
8 votes -
After 9/11, Americans gave up privacy for security. Will we make the same trade-off after COVID-19?
21 votes -
Microsoft buys Corp.com so bad guys can’t
17 votes -
Thousands of Zoom cloud recordings have been exposed on the web because of the way Zoom names its recordings in unprotected AWS buckets
24 votes -
zWarDial, an automated tool to find unprotected Zoom meetings
7 votes -
Webcam hacking—The story of how I gained unauthorized Camera access on iOS and macOS
4 votes -
Does Linux need antivirus?
18 votes -
The story of the hijacking of Eastern Airlines Flight 1320 in 1970: The first hijacked US flight with a fatality, which led to many of the modern airline security measures
6 votes -
How long do we have left, exactly, until climate change affects our global food supply?
I'm not very knowledgeable about this stuff. How long do we have left, like, 10-15 years at the most?
6 votes -
The alarming scope of Presidential power during an emergency
4 votes -
Notes on auth token persistence
5 votes -
The White House has ordered federal health officials to treat top-level coronavirus meetings as classified
29 votes -
The main Avast antivirus service contained a custom JavaScript interpreter, enabling wormable pre-auth RCEs. Avast has now disabled the emulator in response to a vulnerability report
13 votes -
EARN IT act is a direct attack on end-to-end encryption
25 votes -
The case for limiting your browser extensions
9 votes -
Have I Been Pwned is no longer being sold, and Troy Hunt will continue running it independently
29 votes -
Sophos has received an offer to be acquired for $3.9 billion by private-equity firm Thoma Bravo
8 votes -
U2F help proposal
So, I cannot really financially contribute, but I'm a backend developer and I'd like to be able to authenticate using U2F 2FA. I'd like to know if you would be open to let me try to make a patch...
So, I cannot really financially contribute, but I'm a backend developer and I'd like to be able to authenticate using U2F 2FA.
I'd like to know if you would be open to let me try to make a patch that would add this feature to 2FA mechanisms.
12 votes -
Let's Encrypt has issued one billion certificates
12 votes -
EU Commission to staff: Switch to Signal messaging app
14 votes -
Defeating a Laptop's BIOS Password
13 votes -
Policy vs technology
15 votes -
Security researcher hacks SlickWraps, publishes a disclosure
8 votes -
I got a Ring doorbell camera. It scared the hell out of me.
11 votes -
Amazon Ring updates device security and privacy, including adding mandatory two-factor auth—but continues ignoring larger concerns
9 votes -
AZORult spreads as a fake ProtonVPN installer
9 votes -
Analysis of Voatz mobile voting app by MIT researchers finds elementary security flaws
11 votes -
Security researchers partner with Chrome to take down over 500 browser extensions in a fraud network affecting 1.7 million users
12 votes -
Dangerous Domain Corp.com Goes Up for Sale
21 votes -
Firefox will start deprecating TLS 1.0 and 1.1 with Firefox 74, releasing on March 10, 2020
16 votes -
Reverse engineering Blind's API and client side encryption
4 votes -
How Twitter's default settings enabled a security researcher to discover phone numbers for over seventeen million accounts
10 votes -
What to know before you buy or install an Amazon Ring camera
8 votes -
LPE and RCE in OpenSMTPD (CVE-2020-7247)
6 votes -
Ring's doorbell app for Android sends sensitive user data to multiple analytics and marketing companies
10 votes -
Handbook on countering Russian and Chinese interference in Europe
14 votes -
Heathrow Airport installs anti-drone system to detect threats
8 votes -
Exploiting the Windows CryptoAPI vulnerability
6 votes -
Critical Windows 10 exploit discovered which allows arbitrary software to be installed under the guise of Windows updates
20 votes -
Election security at the chip level – or, why your electronic voting options might not get better any time soon
5 votes -
Meet the mad scientist who wrote the book on how to hunt hackers
8 votes -
CVE-2020-0601 - Windows CryptoAPI spoofing vulnerability
16 votes -
Billions of medical images available online
10 votes -
Hackers are breaking directly into telecom companies to take over customer phone numbers
10 votes -
Tricky phish angles for persistence, not passwords
3 votes -
Multiple vulnerabilities discovered in TikTok enabling sending arbitrary links through SMS, exposing private account data, and more
11 votes -
reCAPTCHA: Is there method in monotony?
What started out as a little facetious in my own head leads me now to a serious question. Is there some meaningful reason why Google has to use a subsection of images for reCAPTCHA? I really...
What started out as a little facetious in my own head leads me now to a serious question. Is there some meaningful reason why Google has to use a subsection of images for reCAPTCHA? I really dislike having to do this and at the very least would appreciate some variation.
- Traffic Lights
- Buses
- Bicycles
- Cars
- Crosswalks
Is there something special about these things in this context? Is the visual noise they're usually associated with what makes them good candidates? Are Google just really into urban planning? Who knows...I'm hoping some Tilder smarter than I can help me out.
10 votes