On 3 January 2018, security researchers at Google, Graz University of Technology, and several other education institutions disclosed multiple vulnerabilities found in most modern Intel, AMD and ARM processors. The more severe vulnerability, Meltdown (CVE-2017-5754), appears isolated to Intel processors developed in the last 10 years. Spectre (CVE-2017-5715 and CVE-2017-5753) on … [Read more...]
macOS High Sierra Password Theft Vulnerability
A security researcher spoiled Apple’s release of macOS High Sierra today when he published a video showing a zero day exploit of the built-in password management system, Keychain. macOS uses the Keychain system to securely store encrypted passwords, cryptographic keys, and SSL certificates. Normally, applications should not be able to programmatically retrieve plaintext … [Read more...]
Should The Responsible Disclosure Process Be Standardized?
For every cyber-villain looking to exploit software and hardware vulnerabilities, there’s a cyber-hero fighting to expose (and close) those same security flaws. That reporting process is called responsible disclosure. But in today’s complex cyber landscape, the rules of responsible disclosure can vary dramatically. Begging the question, should the industry be standardizing this … [Read more...]
Major Cybersecurity Concerns for 2017 – Experts Weigh In
It’s 2017 and it’s safe to say that cybersecurity will continue to be a major concern for businesses, governments and the general public this year. As factors like the election, nation-state hacking and new advanced threats contribute to uncertainty about the future of the industry, a recent CSO Online article presented security predictions for 2017 from top vendors and … [Read more...]
Ransomware Exploits Flash 0day – Daily Security Byte EP. 244
Next week is Microsoft and Adobe's Patch Day. However, on Thursday Adobe released an emergency security advisory to fix a zero day Flash vulnerability. Watch the episode below to learn why you should get this update to avoid drive-by download attacks pushing ransomware. (Episode Runtime: 1:44) Direct YouTube Link: https://www.youtube.com/watch?v=F2MKTU9ZIO4 EPISODE … [Read more...]
