Recent Posts

IEEE P1735 Implementations May Have Weak Cryptographic Protections

The vulnerability outlined in this CERT vulnerability below may allow malicious actors to either reverse engineer software subject to access control or licensing, or make use of the exposed intellectual property as part of a further exploit, even to the level of inserting hardware Trojans. While a real-world exploit is …

Read More »

Struts: One of the Most Impactful Cyber Threats in Recent Years

The vulnerability discovered at the beginning of this year in Apache Struts, widely used in web application development, is the source of countless attacks on organizations around the world, including the USA. A worrying increase has been noted in the number of actions that take advantage of this vulnerability to …

Read More »

Over 30 Years of Hacking—and No Improvements on the Horizon

It is 31 years ago that Cliff Stoll discovered a hacker tunneling into US government networks by passing through his computers at the Lawrence Berkeley Lab. Stoll was asked to clear up a billing discrepancy, discovered the German hacker who was working for the KGB, and alerted the US government managers …

Read More »