Peiter “Mudge” Zatko’s claims about the company’s lax security are all bad. But one clearly captures the extent of systemic issues.
Security / Security News
Janet Jackson’s ‘Rhythm Nation’ Can Crash Old Hard Drives
Plus: The Twilio hack snags a reporter, a new tool to check for spyware, and the Canadian weed pipeline gets hit by a cyberattack.
A New Tractor Jailbreak Rides the Right-to-Repair Wave
A hacker has formulated an exploit that provides root access to two popular models of the company’s farm equipment.
Flaw in the VA Medical Records Platform May Put Patients at Risk
The Veterans Affairs’ VistA software has a vulnerability that could let an attacker “masquerade as a doctor,” a security researcher warns.
The Feds Gear Up for a Privacy Crackdown
Plus: Cisco gets hit by ransomware, Twilio gets phished, a new way to fight email spammers, and much more.
Sloppy Software Patches Are a ‘Disturbing Trend’
The Zero Day Initiative has found a concerning uptick in security updates that fail to fix vulnerabilities.
Meta Just Happens to Expand Messenger’s End-to-End Encryption
The company says an expansion of privacy features in Messenger is unrelated to a high-profile Nebraska abortion case.
Google’s Android Red Team Had a Full Pixel 6 Pwn Before Launch
.jpg){kind=tracking}
Before the flagship phone ever landed in users’ hands, the security team thoroughly hacked it by finding bugs and developing exploits.
A Long-Awaited IoT Reverse Engineering Tool Is Finally Here
Ten years after it was first unveiled, the powerful firmware analysis platform Ofrak is now available to anyone.
Github Moves to Guard Open Source Against Supply Chain Attacks
The popular Microsoft-owned code repository plans to roll out code signing, which will help beef up the security of open source projects.