jm + vulnerabilities   5

Falling through the KRACKs
I want to talk about why this vulnerability continues to exist so many years after WPA was standardized. And separately, to answer a question: how did this attack slip through, despite the fact that the 802.11i handshake was formally proven secure?
krack  security  wpa  wifi  ieee  crypto  vulnerabilities 
4 weeks ago by jm
Finding pearls; fuzzing ClamAV
great how-to for practical scanner fuzz testing
fuzz-testing  clamav  scanners  security  vulnerabilities  testing 
june 2016 by jm
DROWN attack
The latest SSL security hole. 'DROWN shows that merely supporting SSLv2 is a threat to modern servers and clients. It allows an attacker to decrypt modern TLS connections between up-to-date clients and servers by sending probes to a server that supports SSLv2 and uses the same private key.'
drown  attacks  vulnerabilities  sslv2  ssl  tls  security  holes 
march 2016 by jm
DRUG PUMP’S SECURITY FLAW LETS HACKERS RAISE DOSE LIMITS
The Hospira drug pump vulnerabilities described here sound pretty horrific
drugs  drug-pumps  hospira  exploits  vulnerabilities  security  root  dosage  limits 
may 2015 by jm
New South Wales Attacks Researchers Who Found Internet Voting Vulnerabilities | Electronic Frontier Foundation
'NSW officials seemed more interested in protecting their reputations than the integrity of elections. They sharply criticized Halderman and Teague, rather than commending them, for their discovery of the FREAK attack vulnerability. The Chief Information Officer of the Electoral Commission, Ian Brightwell, claimed Halderman and Teague’s discovery was part of efforts by “well-funded, well-managed anti-internet voting lobby groups,” an apparent reference to our friends at VerifiedVoting.org, where Halderman and Teague are voluntary Advisory Board members.1 Yet at the same time, Brightwell concluded that it was indeed possible that votes were manipulated.'
freak  security  vulnerabilities  exploits  nsw  australia  internet-voting  vvat  voting  online-voting  eff 
april 2015 by jm

Copy this bookmark:



description:


tags: