It’s no secret hotel rooms can be hacked into. One security researcher has now created a cheap, discrete device the size of a card deck that can open guest rooms at aRead More →
Macros have been used since the mid 1990s to spread malware and infect systems. Increased user awareness of the need to disable the macro function within Microsoft Word during theRead More →
Venmo has patched multiple flaws that could have allowed an attacker to steal as much as $2,999.99 from unsuspecting victims using Siri. Venmo is a mobile app that allows friendsRead More →
Researchers claim they can stop malware before it executes. Black Hat EndGame vulnerability researchers Cody Pierce, Matt Spisak, and Kenneth Fitch have created a defence framework to protect against deeper modernRead More →
Attack from the ’90s resurfaces more deadly than before. A flaw in how Windows handles old authentication procedures for shared network resources can leak a user’s Microsoft account username and password,Read More →
A hacker using the pseudonym “Peace” has uploaded what purports to be a data dump of 200 million Yahoo accounts to an underground marketplace called The Real Deal. The technologyRead More →
While many email providers, clients, and anti-spam engines have become adept at detecting spam, malicious messages sent via high-profile, legitimate providers are much harder to catch. Threat actors continue toRead More →
A new trojan potentially threatens as many as 2.8 million Android users with unwanted mobile advertisements. On 29 July, researchers at the Russian computer security firm Doctor Web published anRead More →
Short Bytes: Google Hacking is the method to access information that’s publicly available, but not intended for public distribution. Using certain intelligent search techniques, one can land unexpected results onRead More →
By mid-July 2016, the Afraidgate campaign stopped distributing CryptXXX ransomware. It is now distributing the “.zepto” variant of Locky. Afraidgate has been using Neutrino exploit kit (EK) to distribute malwareRead More →
Fueled by the lack of Pokémon GO in Brazil, a hacker group called OurMine took control of Niantic CEO John Hanke’s Twitter account today. Hanke and the development team atRead More →
Israeli experts discovered a vulnerability within the JavaScript that proxy PAC files that allows HTTPS URLs interception via Proxy Attacks. Israeli security firm, Safebreach, has discovered a vulnerability within theRead More →
In previous blog posts Liang talked about the userspace privilege escalation vulnerability we found in WindowServer. Now in following articles I will talk about the Blitzard kernel bug we usedRead More →
Even 2FA can run up against limitations—like this Find My iPhone attack. As a graduate student studying cryptography, security and privacy (CrySP), software engineeringand human-computer interaction, I’ve learned a thing or twoRead More →
Security researchers have revealed several major vulnerabilities in Osram Lightify smart lighting systems which could allow remote hackers to launch browser-based attacks and even access corporate networks. Osram, which sells bothRead More →
Website is currently down, nobody knowns who hacked it. Between July 7 and July 26, the date of the last reported hack, the website of the Harrison city council, townofharrison.com, hasRead More →
GCHQ’s JTRIG team targeted more than hacktivists. Mustafa Al-Bassam, aka tFlow, co-founder of the LulzSec hacking crew, published today more details about how the GCHQ used the covert Joint Threat ResearchRead More →
X-Tunnel is roughly based on XTunnel PortMap. One of the malware variants used to infiltrate and hack the Democratic National Committee (DNC) back in April 2016 is based on aRead More →
In April, an independent researcher launched a tool called OnionScan, which probes dark web sites for various vulnerabilities and other issues. Now, another researcher has described how to deploy thatRead More →
Facebook’s troubles in Brazil seems to be never-ending. The war between the social media giant and the government has been taking on heat for a while as the company-owned messagingRead More →
