Press Archive
InfoWorld.com
A security researcher at Juniper Networks says he plans to demonstrate a new class of attack that can be used to compromise electronic devices like routers or mobile phones. The vulnerability lies in the ARM and XScale microprocessors, two chips that are widely used in these “embedded” devices. “There are interesting quirks in the ARM and XScale architectures that make things very easy for an attacker,” said Juniper’s Barnaby Jack. The technique he has developed is “100 percent reliable, and it results in code execution on the device,” he said.
[ continue ]CSOOnline.com
Brian Oblivion. Kingpin. Mudge. Space Rogue. Stefan von Neumann. Tan. Weld Pond. That’s how the hacker group called the L0pht appeared before the Senate Subcommittee on Government Cybersecurity on May 19, 1998. They said, among other things, that they could take down the Internet in 30 minutes. The senators listened closely and afterward praised them effusively.
[ continue ]SearchSecurity.com
The completely bizarre yet sadly familiar series of events that led to a security researcher canceling and then later delivering a modified version of a talk on RFID security at the Black Hat DC conference Tuesday provided clear evidence that many vendors are still entirely clueless about security and their responsibility to customers.
[ continue ]SearchSecurity.com
A security researcher who said he was pressured by radio frequency identification (RFID) chip maker HID Corp. to scrap his demonstration of a device that could clone RFID enabled proximity badges, ended up delivering a modified version of his talk anyway, albeit one without any details specific to HID’s products.
[ continue ]InfoWorld.com
The widely reported dispute between security firm IOActive and secure card maker HID has raised awareness about the risks associated with RFID proximity cards and may prompt DHS warnings to government agencies about use of the technology. Representatives from IOActive, Black Hat, the ACLU, and the U.S. Department of Homeland Security laid bare the vulnerabilities inherent in the popular proximity cards and debated with a HID representative at a panel discussion about RFID vulnerabilities that was part of the Black Hat Federal security conference.
[ continue ]