0 days

After ransomware took Baltimore hostage, Maryland introduces legislation that bans disclosing the bugs ransomware exploits

Last spring, Baltimore underwent a grinding, long-term government shutdown after the city's systems were hijacked by ransomware. This was exacerbated by massive administrative incompetence: the city

Japanese robot hotel chain ignored repeated warnings that its in-room “bed-facing” robots could be turned into spy devices

Japan's Henn na Hotel chain, owned by the HIS Group, uses "bed-facing Tapia robots" in its rooms; these robots turn out to be incredibly insecure: you can update them by pairing with them using an NFC

Son of Ghostnet: the mobile malware that targets Tibetans abroad

Citizen Lab (previously) is one of the world's top research institutions documenting cyber-attacks against citizen groups, human rights activists, journalists and others; ten years ago, they made

Alex Stamos schools Apple after they whine about Google revealing a whack of iOS zero-days

Early this month, Google's Project Zero revealed a breathtaking attack on multiple OSes, including Apple's iOS, in which a website that served Uyghur people was found to be hosting at least five

Zoom has slow-walked a fix for a bug that allows randos to take over your Mac's camera

Zoom is an incredibly popular videoconferencing tool. In late March, security researcher Jonathan Leitschuh notified the company that its Mac software contained a ghastly vulnerability that allowed

Discovering whether your iPhone has been hacked is nearly impossible thanks to Apple's walled garden

This week, we learned that the notorious Israeli cyber-arms-dealer NSO Group had figured out how to hijack your iPhone or Android phone by placing a simple WhatsApp call, an attack that would work even

Oracle's bad faith with security researchers led to publication of a VirtualBox 0-day

In the debate over "responsible disclosure," advocates for corporate power say that companies have to be able to decide who can reveal defects in their products and under which circumstances, lest bad

Security researchers can access and modify security footage from Nuuo surveillance systems

https://www.youtube.com/watch?v=2EuFOZfRL4U Nuuo is a leading vendor of "trusted video management" tools used in conjunction with CCTVs deployed in sensitive applications like surveillance of

For $4k/year, Moscow cyber-arms-dealer Gleg will sell you 25 0-day bugs for attacking hospitals

https://vimeo.com/105542404 Gleg is a cyber-arms-dealer based in Moscow, selling zero-day vulnerabilities it has uncovered in widely used systems to companies that want to weaponize them.

Cyber-arms-dealer Grey Heron really, really doesn't want you to know about the connections between them and the disgraced Hacking Team

When Grey Heron surfaced this month selling anti-Signal and anti-Telegram surveillance tools at a UK trade show for cyber-arms-dealers, sharp-eyed journalists at Motherboard immediately noticed that

When Justin Trudeau was in opposition, he voted for Canada's PATRIOT Act but promised to fix it; instead he's making it much, much worse

Back in 2015, Canada's failing, doomed Conservative government introduced Bill C-51, a far-reaching mass surveillance bill that read like PATRIOT Act fanfic; Justin Trudeau, leader of what was then a