SSD Encryption from Crucial and Samsung Is Not Secure, Exposes Data

The researchers examined multiple SSDs, including Crucial and Samsung, some of which they found could be unlocked with any password if the password validation routine in RAM was modified through a standard JTAG debugging interface.

Information Commissioner Calls for Regulation of Social Media Following Cambridge Analytica scandal

Information commissioner calls for regulation of social media following Cambridge Analytica scandal

Ruby2.3 Security Update – CVE-2018-16395 CVE-2018-16396

Several vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems:

UK’s Information Commissioner’s Office (ICO) Slaps Fines on Facebook and Equifax

Facebook was fined £500,000 by the UK's Information Commissioner’s Office (ICO) for its role in the Cambridge Analytica data scandal.

Cisco WebEx Meetings Server XML External Entity (CVE-2018-18895)

Cisco WebEx Meetings Server includes a version of Castor XML that is affected by XXE. As a result, Cisco WebEx Meetings Server versions prior to 2.8MR3 and 3.0MR2 patch 1 are affected by the XXE vulnerability.

U-Boot verified boot bypass vulnerabilities (CVE-2018-18439, CVE-2018-18440)

Multiple techniques have been identified that allow execution of arbitrary code within a running U-Boot instance by means of externally provided unauthenticated data.

New PortSmash Side-Channel Vulnerability (CVE-2018-5407)

A new vulnerability called PortSmash (CVE-2018-5407) has been discovered, impacting all CPUs that use a Simultaneous Multithreading (SMT) architecture. SMT is a technology that allows multiple computing threads to be executed simultaneously on a CPU core.

Eurostar Customers Reset Passwords After Security Breach

Eurostar forced all of its customers to reset their passwords after indications of a possible breach in which hackers attempted to access user accounts.

Continuous Monitoring: Academic Paper

The Federal Information Security Act (FISMA) of 2002 requires that government agencies report on their Information Technology Security Status annually to the Office of Management and Budget (OMB).

Armis Discovers “BLEEDINGBIT,” Two Critical Chip-Level Vulnerabilities

Armis, the enterprise IoT security company, today announced the discovery of two critical vulnerabilities related to the use of Bluetooth Low Energy (BLE) chips made by Texas Instruments (TI), and used in Cisco, Meraki and Aruba wireless access points, called "BLEEDINGBIT."