Hacking Samsung Galaxy via Modem interface exposed via USB
2016-04-14
Modems in a number of Samsung Galaxy devices are open to receiving AT commands over the USB cable even when they are locked. Do you know that modems in aRead More →
Apple iMessage flaw exposed chat history and more with a single click
2016-04-13
A group of security researchers has found a security flaw in the Apple iMessage that exposed chat history and sensitive data with a single click. Recently WhatsApp has introduced the end-to-endRead More →
Linux-fight! Dev’s plan to bundle kernel patches sparks debate
2016-04-13
Sasha Levin kicks off ‘security tree’ side project. Linux developer Sasha Levin has kicked off a project in which he proposes gathering up kernel security fixes under a single tree. TheRead More →
Flaws in Worldpay’s Merchant Portal Allow Attackers to Modify Payment Forms
2016-04-13
I had almost forgotten about my experience with Worldpay’s Merchant Portal from just over a year ago, but my recent post regarding another payment processor helped to refresh my memory. IRead More →
Click-Fraud Ramdo Malware Family Continues to Plague Users
2016-04-12
Ramdo is a family of malware that performs fraudulent website ‘clicks.’ Ramdo malware activity first surfaced in late 2013 and has since continued to infect machines worldwide, primarily through theRead More →
Apple just fixed an iMessage bug that researchers called easily exploitable
2016-04-11
Your chat history on iMessage just went through a period when it was not altogether safe, but now, all wrongs have been righted thanks to an OS X update. ARead More →
The Open-source vulnerabilities database (OSVDB) shuts down permanently
2016-04-09
The Open Sourced Vulnerability Database (OSVDB) shut down permanently in response to the lack of assistance from the industry. The Open Sourced Vulnerability Database (OSVDB) shut down permanently, the news wasRead More →
More than 135 million ARRIS cable modems vulnerable to remote attacks
2016-04-09
Attackers can exploit the flaws in the ARRIS SURFboard cable modems to remotely knock out the device, more than 135 million device open to attacks. The security expert David LongeneckerRead More →
Killing a Zero-Day in the Egg: Adobe CVE-2016-1019
2016-04-08
Proofpoint researchers discovered that the Magnitude exploit kit (EK) [1] was successfully exploiting Adobe Flash version 20.0.0.306. Because the Magnitude EK in question did not direct any exploits to FlashRead More →
“Surreptitious Sharing” Attack on Android Apps Can Leak Private Data
2016-04-07
Eight out of twelve apps vulnerable to new attack. This past Monday, at the GI Sicherheit 2016 security conference in Bonn, Germany, two researchers unveiled details about a new type ofRead More →
Ubuntu plugs code exec, DoS Linux kernel holes
2016-04-07
This is kind of a big deal because the mess is in 14.04 LTS, expiry date 2019. Ubuntu has patched four Linux kernel vulnerabilities that allowed for arbitrary code execution andRead More →
Adobe to patch Flash Player zero-day vulnerability actively exploited in the wild
2016-04-06
A new Flash Player zero-day vulnerability (CVE-2016-1019) has been actively exploited by threat actors in attacks against systems running Windows XP and 7. Once again a zero-day vulnerability in the AdobeRead More →
How to easily bypass iPhone 6s Lockscreen to access to Photos and Contacts
2016-04-06
iPhone 6s and 6s Plus running the latest iOS version are plagued by a vulnerability that can be exploited to bypass the lockscreen. Another flaw plagues the new Apple iPhoneRead More →
Hack Like a Pro: How to Scan for Vulnerabilities with Nessus
2016-04-06
Generally, you will want to perform a vulnerability scan before doing a penetration test. Vulnerability scanners contain a database of all known vulnerabilities and will scan your machine or networkRead More →
WhatsApp is now most widely used end-to-end crypto tool on the planet
2016-04-06
WhatsApp now uses Signal protocol, which was largely funded by US taxpayers. WhatsApp has enabled end-to-end encryption across all versions of its messaging and voice calling software, according to a TuesdayRead More →
Rearchers discover a way to hack Gmail and Facebook 500 times faster
2016-04-06
Rupture framework used to upgrade three-year-old BREACH framework and hack Facebook and Gmail 500 times faster. Security researchers have expanded and improved a three-year-old cyber-attack that could steal information from websitesRead More →
CISCO ‘HIGH SEVERITY’ FLAW LETS MALWARE BYPASS FIREPOWER FIREWAL
2016-04-05
Technology vendor Cisco is pushing out security updates to customers to address a critical vulnerability found in its recently introduced line of FirePower firewall products. The vulnerability, according to Cisco, allowsRead More →
PayPal flaw allowed hackers to send malicious emails
2016-03-31
PayPal has just fixed a security vulnerability that could have been exploited to send malicious emails to users via its platform. Researchers at security firm Vulnerability Lab have discovered a filter bypass and anRead More →
POPULAR SHOPPING CART APP PLUGS DOZENS OF XSS VULNERABILITIES
2016-03-29
Popular open source shopping cart app Zen Cart is warning its users of dozens of cross-site scripting vulnerabilities found in its software. Affected websites, security experts say, risk exposing customersRead More →
Nuclear Plants in Germany Are Vulnerable to Terrorism Threats
2016-03-28
According to a recent report, Germany nuclear plants are vulnerable to terrorists and there needs to be some serious dealing with this problem. According to a recently released report, GermanyRead More →
