A default VirtualBox virtual network device has a vulnerability allowing an attacker with root privilege to escape guest OS, execute commands in ring3 on a host.
All operating systems affected.
Researchers at Radboud University in the Netherlands have revealed encryption vulnerabilities in the solid-state drives (SSD).
Samsung nor Crucial manufacturers are producing buggy firmware where anybody who steals your drive is able to decrypt it on their own.
Police in the Netherlands were able to decrypt more than 258,000 messages sent using proprietary IronChat end-to-end (probably not) encrypted messaging application.
Lessons learned: do not use custom, proprietary, "exclusive" application nobody else except your gang members have...
The first release of 5G (3GPP Release 15) includes protection against an active IMSI catching.
"But in a typical case where 5G UE also supports LTE, it is still vulnerable to LTE IMSI catchers."
New "PortSmash" CPU side channel vulnerability impacts all CPUs that use a Simultaneous Multithreading (SMT).
The vulnerability has been discovered by researchers from the Tampere University of Technology in Finland and Technical University of Havana, Cuba.
Troy Hunt published blog on how passwords are superior to many alternative methods, primarily because "everyone understands how to use it".
US Cyber Command (USCYBERCOM) starts uploading unclassified foreign APT malware samples to VirusTotal.
Iran found CIA spies by Googling their online communication channels after double agent told them modus operandi.
Some explanation by Doug Madory of Oracle on how and when China Telecom hijacked BGP routing to send US-to-US traffic via mainland China.
Early version of an open source, free WireGuard for iOS VPN tunneling implementation is in public testing.
Microsoft releases a Linux version of their ProcDump Sysinternals Tool.