all InfoSec news
Microsoft Patched Bing Vulnerability That Allowed Snooping on Email, Other Data
April 7, 2023, 2:01 a.m. | Robert McMillan
The RISKS Digest catless.ncl.ac.uk
Marco Marcelline, *PC Magazine*, 25 Mar 2023, via ACM TechNews
Participants of the Pwn2Own software exploitation conference hacked
technology from automaker Tesla twice at the Zero Day Initiative's Pwn2Own
software exploitation conference, earning $350,000 and a Model 3
infotainment system. The team from French security company Synacktiv
executed a time-of-check-to-time-of-use (TOCTOU) exploit against a Tesla
Gateway, then employed a heap overflow and an out-of-band write
vulnerability to gain access to and compromise the Model 3. Pwn2Own
describes a TOCTOU exploit …
access bing check compromise conference data earning email exploit exploitation french gateway hacked initiative magazine marco microsoft overflow pwn2own race condition security snooping software synacktiv system team technews technology tesla toctou vulnerability zero day initiative
More from catless.ncl.ac.uk / The RISKS Digest
EFI IPv6/PXE Security Flaw
3 months, 1 week ago |
catless.ncl.ac.uk
Imaging privacy threats from an ambient light sensor
3 months, 1 week ago |
catless.ncl.ac.uk
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Cloud Security Analyst
@ Cloud Peritus | Bengaluru, India
Cyber Program Manager - CISO- United States – Remote
@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
Network Security Engineer (AEGIS)
@ Peraton | Virginia Beach, VA, United States
SC2022-002065 Cyber Security Incident Responder (NS) - MON 13 May
@ EMW, Inc. | Mons, Wallonia, Belgium
Information Systems Security Engineer
@ Booz Allen Hamilton | USA, GA, Warner Robins (300 Park Pl Dr)