Hacking Mac With EmPyre
2016-10-25
I am the stereotypical Apple fan boy that other bloggers write about. We have MacBook Pro’s, Air’s, Apple TV’s, iPhone’s and iPad’s and even subscribe to Apple Music. You literally couldn’tRead More →
It’s nearly 2017 and JPEGs, PDFs, font files can hijack your Apple Mac, iPhone, iPad
2016-10-25
Apple has distributed a fresh round of security updates to address remote-code execution holes in iOS, macOS, Safari, and the firmware for Apple Watch and AppleTV. Miscreants who exploit theseRead More →
Android phones rooted by “most serious” Linux escalation bug ever
2016-10-25
New rooting technique is believed to work against every version. There’s a new method for rooting Android devices that’s believed to work reliably on every version of the mobile operating systemRead More →
Cracking of Sphinx Trojan DGA Opens the Door for Botnet Takedown
2016-10-24
This post takes a quick look at Sphinx’s domain generation algorithm (DGA). Sphinx,another Zeus-based banking trojan variant, has been around circa August 2015. The DGA domains are used as aRead More →
Using Rowhammer bitflips to root Android phones is now a thing
2016-10-24
Permission-less apps take only seconds to root phones from LG, Samsung and Motorola. Researchers have devised an attack that gains unfettered “root” access to a large number of Android phones, exploitingRead More →
InTheCyber discovered a serious flaw in messaging systems
2016-10-24
Researchers at InTheCyber firm have discovered a new easy exploitable and dangerous vulnerability affecting messaging systems. InTheCyber – Intelligence & Defense Advisors (www.inthecyber.com), a leader in offensive & Defensive Cyber Security,Read More →
FakeFile Trojan Opens Backdoors on Linux Computers, Except openSUSE
2016-10-22
Trojan targets desktops, not servers or IoT devices. Malware authors are taking aim at Linux computers, more precisely desktops and not servers, with a new trojan named FakeFile, currently distributed inRead More →
Hack This: An Overdue Python Primer
2016-10-21
In writing the most recent Hack This (“Scrape the Web with Beautiful Soup”) I again found myself trapped between the competing causes of blog-brevity and making sure everything is totallyRead More →
“Most serious” Linux privilege-escalation bug ever is under active exploit
2016-10-21
Lurking in the kernel for nine years, flaw gives untrusted users unfettered root access. A serious vulnerability that has been present for nine years in virtually all versions of the LinuxRead More →
ADULT FRIENDFINDER VULNERABILITY LEAVES MILLIONS EXPOSED
2016-10-20
Adult website Adult FriendFinder may have been compromised by a hacker who said he has gained access to the site’s backend servers and posted allegedly compromised data to his Twitter feed. TheRead More →
SQL Injection zero-day in component ja-k2-filter-and-search of Joomla
2016-10-20
Information Security experts have discovered an SQL injection zero-day vulnerability in Joomla component ja-k2-filter-and-search. Information Security Researchers Dimitrios Roussis and Evangelos Apostoloudis have discovered an SQL injection vulnerability in componentRead More →
LinkedIn says hacking suspect is tied to breach that stole 117M passwords
2016-10-20
Russian man drove luxury car, then collapsed after being apprehended, police say. An alleged Russian hacker arrested in the Czech Republic following an FBI-coordinated tip-off is suspected of taking part in aRead More →
Indian Bank Blocks 600,000 Debit Cards After ATM Malware Incident
2016-10-19
Biggest credit card replacement in India’s history. The State Bank of India (SBI) said today it decided to block over 600,000 debit cards after rumors of a malware infection onRead More →
New-looking Sundown EK drops Smoke Loader, Kronos banker
2016-10-19
As we keep a tab on exploit kits, today we are looking at some changes with Sundown EK. Nowhere near as popular as RIG EK, this exploit kit still remains aRead More →
VeraCrypt Security Audit Concludes Despite Rocky Start
2016-10-18
VeraCrypt 1.19 released to fix 8 critical issues. The VeraCrypt project has released version 1.19 to fix a series of security flaws discovered during a recent security audit paid theRead More →
Crooks exploit a zero-day in WordPress eCommerce Plugin to upload a backdoor
2016-10-18
Experts from the White Fir Design discovered cybe rcriminals exploited a zero-day flaw in an e-commerce plugin for WordPress to upload a backdoor. According to the experts from the firmRead More →
Magento Malware Uses Steganography to Steal Payment Card Data
2016-10-18
Malware hides credit card data inside image files. Hackers are collecting payment card data from Magento stores, hiding the stolen data inside JPG images, which they’re downloading from infected storesRead More →
What We Can Learn from the Trident/Pegasus iOS Vulnerability
2016-10-17
It’s been several weeks since the story broke about Trident/Pegasus and the vulnerabilities they exploited in iOS. There has certainly been a significant (although a lot less than expected) amount ofRead More →
Crooks Leverage Explosives to Rob ATMs Because Malware Is Overrated
2016-10-17
Who needs complicated malware when you have dynamite.Criminals like to use explosives to break into ATMs, rather than deploy malware, a recent European ATM Security Team (EAST) report has shown.Read More →
A New Linux Trojan Called NyaDrop Threatens the IoT Landscape
2016-10-14
Malware author returns to IoT landscape following Mirai’s success and the wealth of vulnerable devices. The Krebs DDoS attacks have proven that the IoT landscape is a fertile ground that canRead More →
