A loophole in Facebook’s advertising targeting mechanism could have let attackers obtain users’ phone numbers after they visited websites the attackers controlled, a group of information security training professionals revealedRead More →
A previously undisclosed vulnerability in Nike’s website allowed anyone with a few lines of code to read server data like passwords, which could have provided greater access to the company’sRead More →
This days Cortana seems to be the perfect AI assistant, but according to the discoveries of Israeli information security researchers Tal Be’ery and Amichai Shulman, Cortana is far from perfectionRead More →
The 4G LTE is already the mobile network standard that is most used today, being responsible for 83.73% of coverage availability. Therefore, it is really dangerous that a group ofRead More →
A massive amplification DDoS attack hit an undisclosed US-based company, setting new record just days after a similar attack took down GitHub. A DDoS attack using the Memcached vulnerability toRead More →
Just days before its annual information security training summit starts in Cancun, Mexico, Kaspersky Lab announced an extension to its bug bounty program and plan to pay rewards of upRead More →
The number of Flash Player exploits has recently declined, due to Adobe’s introduction of various measures to strengthen Flash’s security. Occasionally, however, an exploit still arises. On January 31, Kr-Cert reported aRead More →
In modern Intel processors, there’s a hardware extension available named Software Guard Extension (SGX) to improve the security aspects. It provides a shielded execution environment called ‘enclaves’ to deal withRead More →
Widely used message transfer agent patched buffer overflow last month. A bug in an obscure but widely used email program may be putting as many as 400,000 servers around theRead More →
Vulnerability in Pivotal’s Spring Data REST allows remote hackers to execute arbitrary commands on any machine that runs an application built using its components. The vulnerability was tracked as CVE-2017-8046Read More →
RMH Franchise Holdings revealed on Friday afternoon that PoS (point of sale) systems at the Applebee’s restaurants were infected with a PoS malware. According to information security training specialists, the PoS malwareRead More →
It has always been written about website security certificates many times. This is because HTTPS certificates (TLS certificates) are one of the main parties in the security of online transactions.Read More →
A flight of new research papers show 4G LTE networks can be exploited for all sorts of badness. There have been lots of reasons to be concerned about how easilyRead More →
Introduction When performing an application assessment one of the areas within an app I pay particular attention to is any ability to define custom templates. By this I mean functionalityRead More →
Hole made it possible to trick users into double spending and hack smart contracts. Developers of Ethereum, the world’s No. 2 digital currency by market capitalization, have closed a seriousRead More →
Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng, MDK3 and Reaver. It offers a simple and easy UI to use these tools without typing commandsRead More →
This week, GitHub’s code hosting website hit with the largest-ever distributed denial of service (DDoS) attack that peaked at record 1.35 Tbps. According to data security researchers, attackers did not use anyRead More →
Data protected by Intel’s Software Guard Extensions could be open to a new side-channel attack. According to cyber security experts, a new variant of the Spectre attack on devices that use IntelRead More →
An additional 2.4 million Americans have been identified as victims of the company’s 2017 breach. Equifax has confirmed more Americans are impacted by the cyberattack that targeted the credit ratingRead More →
Another AWS Bucket exposed to the public. This time the AWS Bucket belonged to Birst. A cyber security team have discovered a massive trove of data exposed due to anRead More →
