Data Security (Page 115)

Data Security News | Infosec Blog | Information Security Tutorials

Multiple vulnerabilities discovered in DNA sequencing web-application

On: March 9, 2017

In: Important, Incidents, Vulnerabilities

Shorebreak Security penetration testers discovered seven serious vulnerabilities in the dnaLIMS web application during the course of a blackbox penetration test for a customer. Shorebreak notified the vendor, who appears toRead More →

Submit UEFI Ransomware: Full Disclosure at Black Hat Asia

On: March 8, 2017

In: Important, Incidents, Malware, Vulnerabilities

Last month at the RSA 2017 conference, we ran a live demo of Cylance’s UEFI Ransomware proof of concept at our ‘Hacking Exposed Next-Gen’ talk. In the demo, we targetedRead More →

Hacking the Western Digital MyCloud NAS

On: March 6, 2017

In: Important, Incidents, Malware, Vulnerabilities

Sometimes at Exploitee.rs, we look for fun devices to hack and sometimes the devices find us. Today we’re going to talk about a recent time where we found ourselves inRead More →

New Dark Web Service Helps Crooks Trick You in Revealing Your Payment Card PIN

On: March 4, 2017

In: Important, Incidents, Vulnerabilities

A new service launched on the Dark Web this week simplifies the process of tricking victims whose card details have been exposed into revealing their card’s PIN. The service, whichRead More →

Researchers uncover PowerShell Trojan that uses DNS queries to get its orders

On: March 3, 2017

In: Important, Incidents, Malware, Vulnerabilities

Delivered by “secure” Word doc, pure PowerShell malware fetches commands from DNS TXT records. Researchers at Cisco’s Talos threat research group are publishing research today on a targeted attack deliveredRead More →

XSS flaws in Zscaler Cloud management software allow logged attackers to hack coworkers

On: March 1, 2017

In: Important, Incidents, Malware, Vulnerabilities

Zscaler has fixed persistent XSS vulnerabilities affecting Zscaler Cloud management software that allow logged attackers to hack coworkers. Serious cross-site scripting (XSS) flaws in the Zscaler Cloud management software could be exploitedRead More →

Web Cache Deception Attack

On: February 28, 2017

In: Important, Incidents, Malware, Vulnerabilities

A few words about caching and reactions Websites often tend to use web cache functionality (for example over a CDN, a load balancer, or simply a reverse proxy). The purposeRead More →

Stolen EHR data is flooding criminal underground communities in the Deep Web

On: February 27, 2017

In: Important, Vulnerabilities

EHR data are precious commodities in the cyber criminal underground because of the lack of cyber security of healthcare industry. Electronic health record databases are becoming the most precious commoditiesRead More →

Vulnerability Deep Dive – Ichitaro Office Excel File Code Execution Vulnerability

On: February 25, 2017

In: Important, Vulnerabilities

Vulnerabilities in word processing and office productivity suites are useful targets for exploitation by threat actors. Users frequently encounter file types used by these software suites in their day toRead More →

Malware Uses Blinking Hard Drive LEDs to Transmit Data to Nearby Cameras

On: February 23, 2017

In: Important, Incidents, Malware, Vulnerabilities

Custom-made malware installed on an offline computer can use a hard drive’s LED to send out sensitive data from infected computers to nearby cameras. This Hollywood hacking scenario is nowRead More →

Data Security (Page 115)

Multiple vulnerabilities discovered in DNA sequencing web-application

Submit UEFI Ransomware: Full Disclosure at Black Hat Asia

Hacking the Western Digital MyCloud NAS

New Dark Web Service Helps Crooks Trick You in Revealing Your Payment Card PIN

Researchers uncover PowerShell Trojan that uses DNS queries to get its orders

Web Cache Deception Attack

Stolen EHR data is flooding criminal underground communities in the Deep Web

Vulnerability Deep Dive – Ichitaro Office Excel File Code Execution Vulnerability

Malware Uses Blinking Hard Drive LEDs to Transmit Data to Nearby Cameras

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

How to Use Google’s OSS Rebuild: A New Open Source Software Supply Chain Security Tool

MFA? Irrelevant. CitrixBleed 2 Lets Hackers Take Over Without Logging In

MotW Bypassed: Zero Warning, Full Control – New WinRAR Flaw Silently Bypasses Windows Security

New Vulnerability in GCP Cloud Run Shows Why Least Privilege Isn’t Enough

Hackers Can Manipulate Your Heart Rate Monitor – Unbelievable Security Flaw!

13 Insanely Easy Techniques to Hack & Exploit Agentic AI Browsers

How to Use Google’s OSS Rebuild: A New Open Source Software Supply Chain Security Tool

Phishing 2.0: AI Tools Now Build Fake Login Pages That Fool Even Experts

How TokenBreak Technique Hacks OpenAI, Anthropic, and Gemini AI Filters — Step-by-Step Tutorial

Comparing Top 8 AI Code Assistants: Productivity Miracle or Security Nightmare. Can You Patent AI Code Based App?

No Login Required: How Hackers Hijack Your System with Just One Keystroke: utilman.exe Exploit Explained

How to Send DKIM-Signed, 100% Legit Phishing Emails — Straight from Google That Bypass Everything

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

Backdooring ATMs via Bootloader? These Hackers Showed It’s Still Possible in 2025”

How Lynx Ransomware Extorts Millions from U.S. Companies

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]