Category Archives: security hacks

Cryptographic LCDs Use The Magic of XOR

Digital security is always a moving target, with no one device or system every being truly secure. Whether its cryptographic systems being compromised, software being hacked, or baked-in hardware vulnerabilities, it seems there is always a hole to be found. [Max Justicz] has a taste for such topics, and decided …read more

Continue reading

Posted in cryptography, lcd, security hacks, xor | Leave a comment

Learn Software Reverse Engineering: Ghidra Class Videos from HackadayU Now Available!

The HackadayU video series on learning to use Ghidra is now available!

Ghidra is a tool for reverse engineering software binaries — you may remember that it was released as Open Source by the NSA last year. It does an amazing job of turning compiled binaries that tell the computer …read more

Continue reading

Posted in HacakdayU, Hackaday Columns, how-to, reverese engineering, security hacks, wrongbaud | Leave a comment

This Week in Security: Iran’s ITG18, ProcMon for Linux, and Garbage Collection Fail

Even top-tier security professionals make catastrophic mistakes, and this time it was the operators at Iran’s ITG18. We’re once again talking about the strange shadowy world of state sponsored hacking. This story comes from the IBM X-Force Incident Response Intelligence Services (IRIS). I suspect a Deadpool fan must work at …read more

Continue reading

Posted in garbage collection, Hackaday Columns, news, security hacks, Sysinternals | Leave a comment

Hands-On: Wireless Login with the New Mooltipass Mini BLE Secure Password Keeper

Remembering passwords is one of those things which one just cannot seem to escape. At the very least, we all need to remember a single password: namely the one for unlocking a password manager. These password managers come in a wide variety of forms and shapes, from software programs to …read more

Continue reading

Posted in ble, fido2, Hackaday Columns, mooltipass, Mooltipass Mini, mooltipass mini BLE, offline password keeper, password keeper, password manager, reviews, security hacks, tfa | Leave a comment

This Week in Security: Twitter, Windows DNS, SAP RECON

Twitter just had their biggest security breach in years. Mike warned us about it on Wednesday, but it’s worth revisiting a few of the details. The story is still developing, but it appears that malicious actors used social engineering to access an internal Twitter dashboard. This dashboard, among other interesting …read more

Continue reading

Posted in android, apple, Hackaday Columns, news, security hacks, This Week in Security, Windows Server | Leave a comment

Exposing Computer Monitor Side-Channel Vulnerabilities with TempestSDR

Having been endlessly regaled with tales of side-channel attacks and remote exploits, most of us by now realize that almost every piece of gear leaks data like a sieve. Everything from routers to TVs to the power supplies and cooling fans of computers can be made to give up their …read more

Continue reading

Posted in Airspy, HackRF, hdmi, monitor, radio hacks, RF, sdr, sdrplay, security hacks, side channel attack, signal analysis, TempestSDR, vga | Leave a comment

This Week in Security: F5, Novel Ransomware, Freta, and Database Woes

The big story of the last week is a problem in F5’s BIG-IP devices. A rather trivial path traversal vulnerability allows an unauthenticated user to call endpoints that are intended to be restricted to authenticated. That attack can apparently be as simple as:

A full exploit has been added to …read more

Continue reading

Posted in Hackaday Columns, news, ransomware, security hacks, This Week in Security, vulnerabilities | Leave a comment

The Cheap Way to Glitch an STM8 Microcontroller

Reverse engineering or modifying a device often requires you to access the firmware stored on a microcontroller. Since companies are usually not fond of people who try to peek into their proprietary data, most commercial devices are readout protected. [rumpeltux] ran into this problem when he tried to dump the …read more

Continue reading

Posted in failure injection, fpga, glitching, memory read-out protection, Microcontrollers, security hacks, stm8 | Leave a comment

This Week in Security: Bitdefender, Ripple20, Starbucks, and Pwned Passwords

[Wladimir Palant] seems to be on a one man crusade against security problems in security software. The name may not be immediately recognizable, but among his other infamies is originating Adblock Plus, which we have a love-hate relationship with. (Look, surf the net with an adblocker, but disable it for …read more

Continue reading

Posted in Hackaday Columns, news, Pwned Passwords, security hacks, This Week in Security | Leave a comment

This Week in Security: HaveIBeenPwned And Facebook Attack Their Customers

We’re fans of haveibeenpwned.com around here, but a weird story came across my proverbial desk this week — [Troy Hunt] wrote a malicious SQL injection into one of their emails! That attack string was a simple ';--

Wait, doesn’t that look familiar? You remember the header on the haveibeenpwned web …read more

Continue reading

Posted in docker, little bobby tables, news, ransomware, security hacks, This Week in Security | Leave a comment