In 2008, a team of students and researchers from Princeton University, Wind River Systems and the Electronic Frontier Foundation published a research paper [3] examining the phenomena of computer memory remanence.
That paper has confirmed what had long been theorized by computer security practitioners: the volatile memory of computer systems is less volatile than expected.

A research team has recently discovered a new attack method that enables remote users to interact with voice-controlled device using ultrasonic waves transmitted through (for example) the surface on which is placed the target device.

During an incident response, a fast analysis could be required, often on systems that aren’t the workstation usually used by the analyst.
So, I always suggest to create a small and simple toolkit that can be copied on a USB stick.

A brief update regarding the Ghostcat vulnerability (CVE-2020-1938) that affects Apache Tomcat servers.

It is well known that voice assistants aren’t perfect and will start recording event when you don’t say their trigger word, but a team of researchers wanted to quantify how often these activations happen and what the devices hear when they do.

The researchers who disclosed the aLTEr attack last year (David Rupprecht, Thorsten Holz, and Christina Pöpper), have found new ways to exploit the lack of integrity protection on the 4G/5G user plane in a new attack called Imp4Gt.

Recently, a new vulnerability on Apache Tomcat AJP connector was disclosed.

In order to avoid sourveillance, privacy invasion or information theft you must be sure that the data on your devices are secure, and the only way to do that in this day and age is to make sure they are full disk encrypted.

Social engineering techniques are frequently part of an overall security penetration test because also the “human network” need to be tested.

There’s no rest for the (bluetooth) wearables

A team of security researchers have discovered numerous vulnerabilities in the Bluetooth Low Energy (BLE) implementations of major vendors.