5 Devastating Security Flaws You’ve Never Heard Of

Devastating vulnerabilities are hiding in the technology in programs, protocols, and hardware all around us. Most of the time, you can find ways to protect yourself.

Hosted by: Michael Aranda

Head to https://scishowfinds.com/ for hand selected artifacts of the universe!
———-
Support SciShow by becoming a patron on Patreon: https://www.patreon.com/scishow
———-
Dooblydoo thanks go to the following Patreon supporters: Lazarus G, Sam Lutfi, D.A. Noe, سلطان الخليفي, Piya Shedden, KatieMarie Magnone, Scott Satovsky Jr, Charles Southerland, Patrick D. Ashmore, Tim Curwick, charles george, Kevin Bealer, Chris Peters
———-
Looking for SciShow elsewhere on the internet?
Facebook: http://www.facebook.com/scishow
Twitter: http://www.twitter.com/scishow
Tumblr: http://scishow.tumblr.com
Instagram: http://instagram.com/thescishow
———-
Sources:

https://cve.mitre.org/data/downloads/index.html
https://www.first.org/cvss/calculator/3.0
https://research.checkpoint.com/eternalblue-everything-know/
https://blog.trendmicro.com/trendlabs-security-intelligence/ms17-010-eternalblue/
https://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability
https://blog.trendmicro.com/trendlabs-security-intelligence/mms-not-the-only-attack-vector-for-stagefright/
https://w3techs.com/technologies/overview/operating_system/all
http://blog.exodusintel.com/2015/08/13/stagefright-mission-accomplished/
https://www.troyhunt.com/everything-you-need-to-know-about2/
https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
https://www.blackhat.com/docs/us-15/materials/us-15-Drake-Stagefright-Scary-Code-In-The-Heart-Of-Android.pdf
https://www.rapid7.com/db/vulnerabilities/google-android-cve-2015-3824 (and related bugs)
https://www.smh.com.au/technology/stephane-chazelas-the-man-who-found-the-webs-most-dangerous-internet-security-bug-20140926-10mixr.html
http://seclists.org/oss-sec/2014/q4/92 (and the rest of that thread)
https://fedoramagazine.org/shellshock-how-does-it-actually-work/
http://unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
https://duo.com/blog/the-great-dns-vulnerability-of-2008-by-dan-kaminsky
https://www.linuxjournal.com/content/understanding-kaminskys-dns-bug
https://www.theregister.co.uk/2017/02/15/google_stagefright_android_bug_zero_success/
https://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
http://users.ece.cmu.edu/~yoonguk/papers/kim-isca14.pdf
https://motherboard.vice.com/en_us/article/9akpwz/rowhammerjs-is-the-most-ingenious-hack-ive-ever-seen

Images:

http://www.thinkstockphotos.com/image/stock-photo-hacker-stealing-data-from-a-laptop/480739380
http://www.thinkstockphotos.com/image/stock-photo-computer-security-breach/535898187
http://www.thinkstockphotos.com/image/stock-photo-young-woman-with-a-concerned-expression/146277359
http://www.thinkstockphotos.com/image/stock-photo-young-asian-male-confused-and-headache-by/684061756
http://www.thinkstockphotos.com/image/stock-photo-fast-coding/519162052
http://www.thinkstockphotos.com/image/stock-photo-dangerous-hooded-hacker-breaks-into/817486390
http://www.thinkstockphotos.com/image/stock-photo-business-woman-touching-the-search-screen/617382454
http://www.thinkstockphotos.com/image/stock-illustration-data-storage-and-web-hosting-flat/918481620
http://www.thinkstockphotos.com/image/stock-illustration-flat-icons-set-of-web-hosting/876052986
http://www.thinkstockphotos.com/image/stock-photo-computer-memory-closeup/603159290
https://en.wikipedia.org/wiki/File:DRAM.svg
https://commons.wikimedia.org/wiki/File:Row_hammer.svg

Leave a Reply