A tale of a DNS exploit: CVE-2015-7547
2016-03-04
This post was written by Marek Vavruša and Jaime Cochran, who found out they were both independently working on the same glibc vulnerability attack vectors at 3am last Tuesday. ARead More →
How to do security vulnerability testing?
2016-03-01
If your corporate network is connected to the Internet, you are doing business on the Internet, you manage web applications that keep confidential information or you are a provider ofRead More →
Medical superbugs: Two German hospitals hit with ransomware
2016-02-27
Infection forces patients onto phones and medicos onto faxes. At least two hospitals in Germany have come under attack from ransomware, according to local reports. The alarming incidents follow similarRead More →
FTC Forces Asus to Comply with 20 Years of Security Audits
2016-02-26
Asus lied about its routers’ security, it delayed security patches for months, and now it’s paying the price. A few months back, the US Federal Trade Commission (FTC) filed a complaint againstRead More →
The DoD funded the Carnegie Mellon University’s research on Tor Hacking
2016-02-26
A judge has confirmed that US Departement of Defense funded the Carnegie Mellon University to conduct research on the Tor hacking. In November 2015, the researchers at the Tor Project publiclyRead More →
Author of the Angler EK integrated recently Silverlight exploit
2016-02-26
The security researcher Kafeine confirmed that the authors of the Angler EK have integrated the exploit for a recently patched Microsoft Silverlight vulnerability. Ransomware is becoming one of the most dreaded cyberRead More →
Remotely hacking a Nissan LEAF via vulnerable APIs
2016-02-25
The security expert Troy Hunt discovered that it is possible to remotely control features of a Nissan Leaf via API. The popular security expert Troy Hunt discovered a security vulnerability affectingRead More →
Google, Red Hat discover critical DNS security flaw that enables malware to infect entire internet
2016-02-25
Google and security firm Red Hat have discovered a critical security flaw in the Internet’s Domain Name System (DNS) that affects a library in a universally used protocol. This meansRead More →
New Silverlight Attacks Appear in Angler Exploit Kit
2016-02-24
Exploits for a vulnerability in Microsoft Silverlight have found their way into the dangerous Angler Exploit Kit a little more than a month after it was patched. French security researcherRead More →
How to Use NMAP 7 to Discover Vulnerabilities, Launch DoS Attacks and More!
2016-02-20
NMAP is an essential tool in any hacker’s arsenal. Originally written by Gordon Lyon aka Fydor, it’s used to locate hosts and services and create a map of the network.Read More →
JSF*** eBay XSS Bug Exploited in the Wild, Despite the Company’s Fix
2016-02-20
Attackers exploit eBay’s lackluster security policy. The JSF*** XSS bug that cyber-security firm Check Point discovered two weeks ago is being used in real world attacks on the eBay platform, inRead More →
VXE Flaw allowed threats to bypass FireEye detection engine
2016-02-18
Researchers at Blue Frost Security firm discovered a flaw in the FireEye Virtual Execution Engine (VXE) that allows an attacker to completely bypass virtualization-based dynamic analysis and whitelist malware. SecurityRead More →
Millions of AirDroid Users Exposed to Severe Vulnerability
2016-02-18
A new vulnerability in the AirDroid App was revealed by Check Point. This vulnerability affects the 50 million AirDroid users around the globe. AirDroid is a device manager app whichRead More →
How to bypass this LG smartphone’s fingerprint security in just 30 seconds
2016-02-17
A troubling vulnerability has been uncovered that may make you think twice about ever even temporarily allowing a friend, partner or acquaintance to use your new LG V10 Android smartphone.Read More →
Extremely severe bug leaves dizzying number of software and devices vulnerable
2016-02-17
Since 2008, vulnerability has left apps and hardware open to remote hijacking. Researchers have discovered a potentially catastrophic flaw in one of the Internet’s core building blocks that leaves hundreds orRead More →
How White Hat Hackers Stole Crypto Keys from an Offline Laptop in Another Room
2016-02-16
Last year, it was revealed that hackers can steal data from any computer via heat and how some technologies can hack into an offline computer and phone. Now, Tel AvivRead More →
Severe Vulnerability Affects Cisco ASA VPN Server Equipment
2016-02-11
Attackers can take over Cisco firewalls and VPN servers. Cisco has released urgent security patches aimed at fixing a security vulnerability in some of its firewall equipment that employs several versionsRead More →
Twitter bug allows hackers to hijack big Twitter accounts like @God, @Vagina etc
2016-02-11
A password reset flaw allowed hacker to hijack numerous Twitter accounts from their original owners. Twitter followers of @god, @emoji, and @vagina were in for surprise today when their favourite TwitterRead More →
Remote Code Execution: All Versions Of Windows Hit By ‘Severe’ Security Vulnerabilities
2016-02-10
Short Bytes: As a part the latest Patch Tuesday, Microsoft released 13 security patches for all version of Windows and other software like Microsoft Office, IE, Flash etc. Out of these,Read More →
“Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive
2016-02-10
Apps that use 3rd-party updater over insecure HTTP channels subject to MiTM attacks. Camtasia, uTorrent, and a large number of other Mac apps are susceptible to man-in-the-middle attacks that installRead More →
