Vulnerable BlackBerry Workspaces Server API

BlackBerry Workspaces Server is a system designed for system administrators to manage workspaces, devices, and users. A recent vulnerability with this service involves taking advantage of an Application Programming Interface (API) with the service. An API is a set of subroutine definitions, protocols, and tools Continue Reading

Optionsbleed: Heartbleed’s Less Threatening Cousin

Heartbleed is a vulnerability with a feature in OpenSSL, a software application used to establish secure communications over computer networks, known as heartbeat in 2014. This vulnerability affected the Transport Layer Socket (TLS) and Datagram Transport Layer Security (DTLS) in OpenSSL version 1.0.1. This vulnerability Continue Reading

Microsoft .NET and Android Toast Vulnerabilities Patched

Microsoft and Android have recently pushed out updates during this month’s Patch Tuesday for their known vulnerabilities on September 12 and September 5, respectively. Both of these operating system (OS) platforms patched around 80 of these known vulnerabilities. Among the vulnerabilities both OS’ patched were Continue Reading

DoxaGram: Instagram API used to Extract Millions of User Information

Ido Naor, a researcher for Kaspersky Lab, reported to Instagram on August 31 that there was a bug in Intagram’s API password reset section. There were approximately a total of 6 million “‘high-profile’” accounts that had their personal phone numbers and email addresses stolen. These Continue Reading

Siri, Alexa and other AI get Ultrasounds, the result is the Dolphin Attack

Researchers from China’s Zhejiang University have found an interesting vulnerability in all the major AI smart assistants. They have dubbed their attack framework as DolphinAttack. This attack relies on using the sound frequencies outside the human audible range or those above 20kHz.  In all cases Continue Reading