An eagle-eyed developer has discovered a backdoor recently sneaked into a library (or ‘gem’) used by Ruby on Rails (RoR) web apps to check password strength.
Tag Archives: Security threats
Researchers hack VR worlds
Hackers just infiltrated virtual reality, enabling them to manipulate users’ immersive 3D worlds.
Privacy and security risks as Sign In with Apple tweaks Open ID protocol
An open letter from the OpenID Foundation says that Apple introduced potential risks when it diverged from the OpenID Connect protocol.
New Year’s eve gaming DDoSer lulz himself into a 27-month sentence
Back in 2014, @DerpTrolling said he attacked sites simply based on requests from people who tweeted suggested targets.
OpenPGP experts targeted by long-feared ‘poisoning’ attack
Somebody out there has taken a big dislike to Robert J. Hansen (‘rjh’) and Daniel Kahn Gillmor (‘dkg’), two well-regarded experts in the specialised world of OpenPGP email encryption.
Open Sesame! Zipato’s smart hub hacked to open front doors
The Zipato controller has three critical security flaws which could be used together by hackers to open your home’s doors for you, according to researchers.
IoT vendor Orvibo gives away treasure trove of user and device data
Researchers at web privacy review service vpnMentor discovered the data in an exposed ElasticSearch server online. It contains two billion items of log data from devices sold by Shenzen, China-based smart IoT device manufacturer Orvibo.
Georgia’s court system hit by ransomware
There’s a hint that it might involve Ryuk ransomware. If so, it might be the fourth Ryuk attack against state and local agencies since May.
Miami police body cam videos up for sale on the darkweb
Videos from Miami Police Department body cams were leaked and stored in unprotected, internet-facing databases, then sold on the darkweb.
Scary Granny zombie game slurps credentials, spawns phishing attack
Halloween came a little early for some Android users this year after a horror-themed computer game was found stealing their account credentials and displaying potentially malicious ads.