02 May 2017
Let's talk a little about passwords today. Have we all heard of the infamous LinkedIn password breach back in 2012? Over 117 million encrypted passwords were leaked and put up for sale.
Massive data dumps such as these become treasure troves for research of human behavior in the context of security. The US Company Preempt revealed that a staggering 35% of the passwords in the dump could already be found in password dictionaries available prior to the breach. Statistics like these remind us to keep our passwords as strong as possible.
13 Apr 2017
The infamous incident of Major Charles Ingram and his wife attempting to cheat the game show "Who Wants to be a Millionaire" is a marvelous tale with a captivating premise and a remarkable turn out of events. It truly was amazing that the contestant was able to get as far as he did without arousing suspicion considering how blindingly obvious the fraudulent act now looks in retrospect.
30 Dec 2016
"Dirty COW" (CVE-2016-5195) is a remarkable software vulnerability in the Linux operating system that was discovered in the October of 2016. Shockingly, the vulnerability is exploitable on unpatched Linux systems of nearly every Linux-based operating system including Android and dates back an alarming 9 years.
The exploit takes advantage of a race condition in the Linux copy-on-write process that allows arbitrary data to be written to any file part of the operating system including read-only files.
04 Dec 2016
When the Belorussian antivirus company, VirusBlokAda, first published the Stuxnet worm in 2010 the world of computer security was shaken. The cyber weapon included four zero-day vulnerabilities in the Windows operating system with the capability of compromising even a fully patched Windows 7 system.
Perhaps the most alarming of the OS vulnerabilities used was the LNK Windows Shortcut flaw which allowed the execution of code by merely opening the folder containing the malicious LNK file.
Ruby Devices do not in any way condone the practice of illegal activities in relation to hacking. All teachings with regards to malware and other exploits are discussed for educational purposes only and are not written with the intention of malicious application.