Who Controls Bitcoin Core?

  January 29, 2019  |     |    Leave a comment

The question of who controls the ability to merge code changes into Bitcoin Core’s GitHub repository tends to come up on a recurring basis. This has been cited as a “central point of control” of the Bitcoin protocol by various parties over the years, but I argue that the question itself is a red herring… Read More

Leaked Documents Show How Instagram Polices Stories

  January 27, 2019  |     |    Leave a comment

Newly leaked internal documents obtained by Motherboard detail how Instagram polices content published through its Instagram Stories feature, which allows users to publish short videos and static images that generally stay on profiles for 24 hours. The fact that they often have multiple discrete parts can make it particularly difficult to moderate stories, the documents… Read More

China’s APT10

  January 27, 2019  |     |    Leave a comment

You’ve decided to tackle a high-end luxury apartment, the kind of building with multiple Picassos in the penthouse. You could spend weeks or months casing the place, studying every resident’s schedule, analyzing the locks on all the doors. You could dig through trash for hints about which units have alarms, run through every permutation of… Read More

Hackers bypassed vein based authentication with a fake hand

  January 27, 2019  |     |    Leave a comment

A couple of researchers demonstrated how to bypass vein based authentication using a fake hand build from a photo. If you consider vein based authentication totally secure, you have to know that a group of researchers demonstrated the opposite at the Chaos Communication Congress hacking conference. Vein based authentication scan invisible vein pattern (i.e. shape,… Read More

NSA to release a free reverse engineering tool

  January 7, 2019  |     |    Leave a comment

The US National Security Agency will release a free reverse engineering tool at the upcoming RSA security conference that will be held at the start of March, in San Francisco. The software’s name is GHIDRA and in technical terms, is a disassembler, a piece of software that breaks down executable files into assembly code that… Read More

Logitech Keystroke Injection Flaw Went Unaddressed for Months

  December 15, 2018  |     |    Leave a comment

Computer peripheral giant Logitech has finally issued a patched version of its Logitech Options desktop app, after being taken to task for a months-old security flaw. The bug could of allowed adversaries to launch keystroke injection attacks against Logitech keyboard owners that used the app. Google Project Zero security researcher Tavis Ormandy found the bug… Read More

Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers

  December 15, 2018  |     |    Leave a comment

Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as ‘Magellan’ by Tencent’s Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications. Source: thehackernews… Read More

Google+ bug exposes non-public profile data for 52 million users

  December 10, 2018  |     |    Leave a comment

Two months after disclosing an error that exposed the private profile data of almost 500,000 Google+ users, Google on Monday revealed a new leak that affects more than 52 million people. The programming interface bug allowed developers to access names, ages, email addresses, occupations, and a wealth of other personal details even when they were… Read More