Category: security
-
Valve Games Were Vulnerable to Software Exploits When Your Character Died
The One Up Security firm, who must be very new because this is their only published research article and their domain name appears to have been registered about 8 months ago, has released information on a vulnerability that Valve patched in their Source engine back in June. It’s an amusing vulnerability because the exploitation of…
-
Variety’s Janko Roettgers Interviews the Latest Hollywood Studio That Got Hacked
Some time last year the audio post-production studio, Larson, got hacked and the attackers leaked Netflix’s latest season of Orange is the New Black. Variety’s Janko Roettgers has an interview with Larson’s folks to talk about the attack. It’s not an incredibly technical overview, but it is fascinating to read. After reading the article I…
-
HP’s Built-in Keystroke Logger
Many HP laptops have a built-in keylogger in their audio drivers according to computer security firm Modzero AG (via Ars’ Dan Goodin). Keyloggers record what you type, typically covertly, for the purposes of someone else getting access to that text data later on. In this case the researches did not find any malicious capability in the driver…
-
Typosquatting Package Managers
Fascinating attack on unmoderated package managers for programming libraries (via former TimeDoctor contributor, Vogon) that would work just as well on unmoderated app stores: In the second part of 2015 and the early months of 2016, I worked on my bachelors thesis. In this thesis, I tried to attack programming language package managers such as Pythons PyPi,…
-
Money in the Bank
The decades-old institution of civil asset forfeiture just got amazingly worse through the new practice of seizing cash in bank accounts at a whim without any due process: Now, the Oklahoma Highway Patrol has a device that also allows them to seize money in your bank account or on prepaid cards. It’s called an ERAD,…