• img August 22, 2017

Industrial Cobots Might Be The Next Big IoT Security Mess

Researchers at IOActive are sounding an early alarm on the security of industrial collaboration robots, or cobots. These machines work side-by-side with people and contain vulnerabilities that could put physical safety at risk.   This post was originally published on https://threatpost.com/feed/. https://blacklakesecurity.com/industrial-cobots-might-be-the-next-big-iot-security-mess/

Read More
  • img August 21, 2017

Hacking smartphones with malicious replacement parts

Smartphone users can now add a new entry to the list of things they need to worry about: their phones being compromised via replacement parts. A group of researchers from Ben-Gurion University of the Negev has demonstrated that hardware replacements – e.g. touchscreens, NFC readers, wireless charging controllers, and so on – can be equipped […]

Read More
  • img August 21, 2017

Facebook Awards $100K to Researchers for Credential Spearphishing Detection Method

Researchers who identified a real-time way to detect credential spearphishing attacks in enterprise settings won $100,000 from Facebook last week.   This post was originally published on https://threatpost.com/feed/. https://blacklakesecurity.com/facebook-awards-100k-to-researchers-for-credential-spearphishing-detection-method/

Read More
  • img August 21, 2017

Meeting and Hotel Booking Provider’s Data Found in Public Amazon S3 Bucket

Personal and business data belonging to Boston area meeting and hotel booking provider Groupize was discovered in a publicly accessible Amazon Web Services S3 bucket, which has since been locked down.   This post was originally published on https://threatpost.com/feed/. https://blacklakesecurity.com/meeting-and-hotel-booking-providers-data-found-in-public-amazon-s3-bucket/

Read More
  • img August 21, 2017

Third party trackers on web shops can identify users behind Bitcoin transactions

More and more shopping Web sites accept cryptocurrencies as a method of payment, but users should be aware that these transactions can be used to deanonymize them – even if they are using blockchain anonymity techniques such as CoinJoin. Two attacks Independent researcher Dillon Reisman and Steven Goldfeder, Harry Kalodner and Arvind Narayanan from Princeton […]

Read More