Tag Archives: security-news

Tricky Web Timing Attacks Are Getting Easier to Use—and Abuse

Researchers have long known that they can glean hidden information about the inner workings of a website by measuring the amount of time different requests take to be fulfilled and extrapolating information—and potential weaknesses—from slight variations. Such “web timing attacks” have been described for years, but they would often be …

Read More »

Computer Crash Reports Are an Untapped Hacker Gold Mine

When a bad software update from the security firm CrowdStrike inadvertently caused digital chaos around the world last month, the first signs were Windows computers showing the Blue Screen of Death. As websites and services went down and people scrambled to understand what was happening, conflicting and inaccurate information was …

Read More »

A Flaw in Windows Update Opens the Door to Zombie Exploits

New research being presented at the Black Hat security conference in Las Vegas today shows that a vulnerability in Windows Update could be exploited to downgrade Windows to older versions, exposing a slew of historical vulnerabilities that then can be exploited to gain full control of a system. Microsoft says …

Read More »