Category Archives: news

This Week in Security: F5, Novel Ransomware, Freta, and Database Woes

The big story of the last week is a problem in F5’s BIG-IP devices. A rather trivial path traversal vulnerability allows an unauthenticated user to call endpoints that are intended to be restricted to authenticated. That attack can apparently be as simple as:

A full exploit has been added to …read more

Continue reading

Posted in Hackaday Columns, news, ransomware, security hacks, This Week in Security, vulnerabilities | Leave a comment

Bridge Over Trebled Water: How the Golden Gate Bridge Started to Sing

Throughout the spring, some Bay Area residents from Marin County to the Presidio noticed a sustained, unplaceable high-pitched tone. In early June, the sound reached a new peak volume, and recordings of the eerie noise spread across Twitter and Facebook. Soon after, The Golden Gate Bridge, Highway, & Transportation District, …read more

Continue reading

Posted in Engineering, Featured, Golden Gate Bridge, moaning, news, Original Art, railing, singing, whistling, wind tunnel | Leave a comment

This Week in Security: Palo Alto Scores a 10, Cursed Images, VM Escapes, and Malicious Music

We’ve looked at many vulnerabilities over the years here on Hackaday, but it’s rather rare for a CVE to score a perfect 10 severity. This is reserved for the most severe and exploitable of problems. Palo Alto announced such a vulnerability, CVE-2020-2021, on the 29th. This vulnerability affects Palo Alto …read more

Continue reading

Posted in CVE, news, This Week in Security, vmware | Leave a comment

Your Own Open Source ASIC: SkyWater-PDF Plans First 130 nm Wafer in 2020

You might have caught Maya Posch’s article about the first open-source ASIC tools from Google and SkyWater Technology. It envisions increased access to make custom chips — Application Specific Integrated Circuits — designed using open-source tools, and made real through existing chip fabrication facilities. My first thought? How much does …read more

Continue reading

Posted in 130 nm, ASIC, custom chip, custom silicon, fpga, Hackaday Columns, news, open source, skywater | Leave a comment

Updating the Language of SPI Pin Labels to Remove Casual References to Slavery

This morning the Open Source Hardware Association (OSHWA) announced a resolution for changing the way SPI (Serial Peripheral Interface) pins are labelled on hardware and in datasheets. The protocol originally included MOSI/MISO references that stand for “Master Out, Slave In” and “Master In, Slave Out”. Some companies and individuals have …read more

Continue reading

Posted in CIPO, COPI, Featured, language, Microcontrollers, MISO, MOSI, news, OSHWA, sdi, SDO, spi, terminology | Leave a comment

Ask Hackaday: What Can Be Done with Your Bootlooping Blu-Ray?

Last Friday, thousands of owners of Samsung Blu Ray players found that their home entertainment devices would no longer boot up. While devices getting stuck in a power-cycling loop is not uncommon, this case stands out as it affected a huge range of devices all at the same time. Samsung’s …read more

Continue reading

Posted in Ask Hackaday, blu-ray, certificate, news, samsung, ssl, ssl certificate | Leave a comment

This Week in Security: Bitdefender, Ripple20, Starbucks, and Pwned Passwords

[Wladimir Palant] seems to be on a one man crusade against security problems in security software. The name may not be immediately recognizable, but among his other infamies is originating Adblock Plus, which we have a love-hate relationship with. (Look, surf the net with an adblocker, but disable it for …read more

Continue reading

Posted in Hackaday Columns, news, Pwned Passwords, security hacks, This Week in Security | Leave a comment

Smartglove Helps Cyclists Be Seen

Cyclists share the road with other vehicles, often leading to problems when drivers fail to see or respect the rider’s space. To try and alleviate these issues, [Matlek] built the Smartglove to help cyclists communicate their intentions to other road users.

The project consists of a glove fitted with an …read more

Continue reading

Posted in news | Leave a comment

This Week in Security: HaveIBeenPwned And Facebook Attack Their Customers

We’re fans of haveibeenpwned.com around here, but a weird story came across my proverbial desk this week — [Troy Hunt] wrote a malicious SQL injection into one of their emails! That attack string was a simple ';--

Wait, doesn’t that look familiar? You remember the header on the haveibeenpwned web …read more

Continue reading

Posted in docker, little bobby tables, news, ransomware, security hacks, This Week in Security | Leave a comment

Copy and Paste Deemed Insecure

Back when Windows NT was king, Microsoft was able to claim that it met the strict “Orange Book” C2 security certification. The catch? Don’t install networking and remove the floppy drives.  Turns out most of the things you want to do with your computer are the very things that are …read more

Continue reading

Posted in chrome, clipboard, cut and paste, cybersecurity, firefox, news, security, security hacks, vulnerability, xss | Leave a comment