How China Used a Tiny Chip to Infiltrate U.S. Companies

In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore., Elemental made software for compressing massive video files and formatting them for different devices. Its technology had helped stream… Read More

Over a dozen vulnerabilities uncovered in BMW vehicles

After 13 months of research, the team discovered 14 vulnerabilities which could place connected cars at risk of compromise. The tests were conducted with BMW’s backing and in laboratory conditions. Impacted vehicles are included in the automaker’s i Series, X1 sDrive, 5 Series, and 7 Series. In total, as documented in Keen Security Lab’s technical… Read More

A flaw in a connected alarm system exposed vehicles to remote hacking

Car hacking has become a major focus in the security community in recent years, as more vehicles are hooked up to the cellular internet. But while convenient to control your car from your phone, it’s also opened up new points for attack — which could have real-world consequences. You might not even realize you’re a… Read More

Hacker Publicly Posts Data Stolen From Government-Linked Cyberespionage Group

Last week, Motherboard reported that a vigilante hacker had stolen data from a hacking group that researchers say is a government-linked cyberespionage unit. The data included GPS locations, text messages, and phone calls that the group had taken from their own victims. Now, that hacker has seemingly published the stolen data online for anyone to… Read More

Turkey’s Government Tried to Hack Hundreds of Protesters Over Twitter, Researchers Say

Hackers—apparently working for the Turkish government— attempted to infect a large number of Turkish dissidents and protesters by spreading spyware on Twitter, according to a new report by digital rights organization Access Now. The organization’s researchers found seven new samples of spyware made by the infamous surveillance tech vendor FinFisher. One of them targeted several… Read More

Vigilante Hacks Government-Linked Cyberespionage Group

Somewhere, government-linked hackers might be panicking. A digital vigilante has struck back against what researchers believe is a cyberespionage group connected to a nation state. The hacker has allegedly stolen, rather ironically, a cache of data that the government-linked hackers lifted from their own victims across the Middle East. The news provides a rare instance… Read More

Researchers link a decade of potent hacks to Chinese intelligence group

Researchers said Chinese intelligence officers are behind almost a decade’s worth of network intrusions that use advanced malware to penetrate software and gaming companies in the US, Europe, Russia, and elsewhere. The hackers have struck as recently as March in a campaign that used phishing emails in an attempt to access corporate-sensitive Office 365 and… Read More

7-Zip: From Uninitialized Memory to Remote Code Execution

Very abstractly, the bug can be described as follows: The initialization of some member data structures of the RAR decoder classes relies on the RAR handler to configure the decoder correctly before decoding something. Unfortunately, the RAR handler fails to sanitize its input data and passes the incorrect configuration into the decoder, causing usage of… Read More

Home Chip Fabrication in 66 Steps

Without further ado, I present the first home(garage)made lithographically-fabricated integrated circuit – the “Z1” PMOS dual differential amplifier chip. I say “lithographically-fabricated” becauseJeri Ellsworth made the first transistors and logic gates (meticulously hand wired with conductive epoxy) andshowedthe world that this is possible. Inspired by her work, I have demonstratedICsmade by a scalable, industry-standard, photolithographic… Read More