Category Archives: security hacks

Faxsploit – Exploiting A Fax With A Picture

Security researchers have found a way to remotely execute code on a fax machine by sending a specially crafted document to it. So… who cares about fax? Well apparently a lot of persons are still using it in many institutions, governments and industries, including the healthcare industry, legal, banking and …read more

Continue reading

Posted in defcon, exploit, fax, faxsploit, security hacks | Leave a comment

Raspberry Pi Becomes The Encrypted Password Keeper You Need

Unless you’re one of the cool people who uses the same password everywhere, you might be in need of a hardware device that keeps your usernames and passwords handy. The Passkeeper is a hardware password storage system built on a Raspberry Pi. It encrypts your passwords, and only through the …read more

Continue reading

Posted in password, password keeper, Raspberry Pi, security, security hacks | Leave a comment

Hash and Roll Your Way To Secure Passwords

In the electronic battlefield that is 2019, the realm of password security is fraught with dangers. Websites from companies big and small leak like sieves, storing user data in completely unsecure ways. Just about the worst thing you can do is use the same password across several services, meaning that …read more

Continue reading

Posted in dice, password, password manager, passwords, security hacks | Leave a comment

WOPR: Security Loses Some of its Obscurity

As we’ve seen time and time again, the word “hacker” takes on a different meaning depending on who you’re talking to. If you ask the type of person who reads this fine digital publication, they’ll probably tell you that a hacker is somebody who likes to learn how things work …read more

Continue reading

Posted in ble, cons, Hackaday Columns, internet of things, RTL-SDR, sdr, security, security hacks, software hacks, WOPR Summit | Leave a comment

What Hardware Lies Beneath? Companies Swear They Never Meant to Violate Your Privacy

“Don’t Be Evil” was the mantra of Google from years before even Gmail was created. While certainly less vague than their replacement slogan “Do the Right Thing”, there has been a lot of criticism directed at Google over the past decade and a half for repeatedly being at odds with …read more

Continue reading

Posted in Current Events, Hackaday Columns, Nest Guard, Original Art, rants, security hacks, Singapore Airlines, surveillance, undisclosed features, undisclosed hardware | Leave a comment

Voja Antonic: Designing the Cube

Voja Antonic designed this fantastic retrocomputing badge for Hackaday Belgrade in 2018, and it was so much fun that we wanted to bring it stateside to the Supercon essentially unaltered. And that meant that Voja had some free time to devote to a new hardware giveaway: the Cube. So while his talk at Supercon in November was ostensibly about the badge, he just couldn’t help but tell us about his newer love, and some of the extremely clever features hidden within.

It’s funny how the hardware we design can sometimes reflect so much on the creator. Voja designed then-Yugoslavia’s first …read more

Continue reading

Posted in 2018 Hackaday Superconference, badge, cons, encryption, Hackaday Columns, hardware, one time pad, security hacks, talks, Voja Antonic | Leave a comment

Unlocking God Mode on x86 Processors

We missed this Blackhat talk back in August, but it’s so good we’re glad to find out about it now. [Christopher Domas] details his obsession with hidden processor instructions, and how he discovered an intentional backdoor in certain x86 processors. These processors have a secondary RISC core, and an undocumented procedure to run code on that core, bypassing the normal user/kernel separation mechanisms.

The result is that these specific processors have an intentional mechanism that allows any unprivileged user to jump directly to root level access. The most fascinating part of the talk is the methodical approach [Domas] took to …read more

Continue reading

Posted in computer hacks, computer security, CPU architecture, security hacks, x86 | Leave a comment

What Happens When A Regular Person Finds A Huge Security Flaw?

The biggest news in the infosec world, besides the fact that balaclavas are becoming increasingly popular due to record-low temperatures across the United States, is that leet haxors can listen to you from your iPhone using FaceTime without you even answering the call. There are obvious security implications of this bug: phones should only turn on the microphone after you pick up a call. This effectively turns any iPhone running iOS 12.1 or later into a party line. In response Apple has taken group FaceTime offline in preparation of a software update later this week.

So, how does this FaceTime …read more

Continue reading

Posted in apple, Balaclava, facetime, InfoSec, news, security hacks | Leave a comment

UPnP, Vulnerability As A Feature That Just Won’t Die

UPnP — in a perfect world it would have been the answer to many connectivity headaches as we add more devices to our home networks. But in practice it the cause of a lot of headaches when it comes to keeping those networks secure.

It’s likely that many Hackaday readers provide some form of technical support to relatives or friends. We’ll help sort out Mom’s desktop and email gripes, and we’ll set up her new router and lock it down as best we can to minimise the chance of the bad guys causing her problems. Probably one of the first …read more

Continue reading

Posted in chromecast, Current Events, Featured, news, PewDiePie, routers, security, security hacks, T-series, upnp, youtube | Leave a comment

Cybersecurity and Insurance

Insurance is a funny business. Life insurance, for example, is essentially betting someone you will die before your time. With the recent focus on companies getting hacked, it isn’t surprising that cybersecurity insurance is now big business. Get hacked and get paid. Maybe.

The reason I say maybe is because of the recent court battle between Zurich and Mondelez. Never heard of them? Zurich is a big insurance company and Mondelez owns brands like Nabisco, Oreo, and Trident chewing gum, among others.

It all started with the NotPetya ransomware attack in June of 2017. Mondelez is claiming it lost over …read more

Continue reading

Posted in Current Events, cybersecurity, cybersttack, cyberwar, Featured, notpetya, security hacks | Leave a comment