Information Security News|Cyber Security|Hacking Tutorial

SSD Advisory – vBulletin routestring Unauthenticated Remote Code Execution

On: December 18, 2017

vBulletin, also known as vB, is a widespread proprietary Internet forum software package developed by vBulletin Solutions, Inc., based on PHP and MySQL database server. vBulletin powers many of theRead More →

Face Palm: Windows 10 Bundled A Password Manager That Exposed Your Saved Passwords

On: December 18, 2017

In: Incidents

About 16 months ago, a Google Project Zero researcher found a critical bug in a password manager named Keeper. The bug allowed Keeper to inject its trusted UI into untrustedRead More →

Anyone can steal all of chrome saved passwords, form fields, bookmarks, history

On: December 16, 2017

In: Incidents

You can try it with your friends at work or with anyone that gives you access to a computer… it’s really funny but dangerous. I reported this issue to googleRead More →

These five programming languages have flaws that expose apps to attack

On: December 16, 2017

In: Incidents, Vulnerabilities

Securely-developed apps may be at risk due to security issues in popular interpreted programming languages. Even software that has been built with secure development procedures may still be vulnerable toRead More →

THE FCC JUST KILLED NET NEUTRALITY. NOW WHAT?

On: December 15, 2017

In: Data Security

THE FEDERAL COMMUNICATIONS Commission voted Thursday to dismantle its net neutrality regulations. But that won’t end the fight over rules that prohibit internet service providers from creating fast lanes for some content, whileRead More →

Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure

On: December 15, 2017

In: Malware

Mandiant recently responded to an incident at a critical infrastructure organization where an attacker deployed malware designed to manipulate industrial safety systems. The targeted systems provided emergency shutdown capability for industrialRead More →

Harden Windows with AppLocker – based on Case study part 1

On: December 15, 2017

In: Data Security

In my post about how insecure AppLocker really are we concluded that the only valid bypass technique (from the 7 I tested) was actually msbuild.exe. The next question is, how can weRead More →

Security researcher says DirecTV hardware can be easily hacked

On: December 14, 2017

In: Incidents

The flaw was privately disclosed to the device maker in June, but six months later, there’s still no patch. Homes signed up to AT&T’s DirecTV service may be inadvertently runningRead More →

“Suspicious” event routes traffic for big-name sites through Russia

On: December 14, 2017

In: Incidents

Google, Facebook, Apple, and Microsoft all affected by “intentional” BGP mishap. Traffic sent to and from Google, Facebook, Apple, and Microsoft was briefly routed through a previously unknown Russian InternetRead More →

Still Stealing

On: December 13, 2017

In: Malware

Two years ago in October 2015 we published a blogpost about a popular malware that was being distributed from the Google Play Store. Over the next two years we detected several similarRead More →

SSD Advisory – vBulletin routestring Unauthenticated Remote Code Execution

Face Palm: Windows 10 Bundled A Password Manager That Exposed Your Saved Passwords

Anyone can steal all of chrome saved passwords, form fields, bookmarks, history

These five programming languages have flaws that expose apps to attack

THE FCC JUST KILLED NET NEUTRALITY. NOW WHAT?

Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure

Harden Windows with AppLocker – based on Case study part 1

Security researcher says DirecTV hardware can be easily hacked

“Suspicious” event routes traffic for big-name sites through Russia

Still Stealing

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

MFA? Irrelevant. CitrixBleed 2 Lets Hackers Take Over Without Logging In

MotW Bypassed: Zero Warning, Full Control – New WinRAR Flaw Silently Bypasses Windows Security

New Vulnerability in GCP Cloud Run Shows Why Least Privilege Isn’t Enough

Hackers Can Manipulate Your Heart Rate Monitor – Unbelievable Security Flaw!

FortiGate Firewalls Zero-Day Chaos: How Hackers Are Gaining Control of Firewalls Worldwide – Is Your Network at Risk?

Phishing 2.0: AI Tools Now Build Fake Login Pages That Fool Even Experts

How TokenBreak Technique Hacks OpenAI, Anthropic, and Gemini AI Filters — Step-by-Step Tutorial

Comparing Top 8 AI Code Assistants: Productivity Miracle or Security Nightmare. Can You Patent AI Code Based App?

No Login Required: How Hackers Hijack Your System with Just One Keystroke: utilman.exe Exploit Explained

How to Send DKIM-Signed, 100% Legit Phishing Emails — Straight from Google That Bypass Everything

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

How Lynx Ransomware Extorts Millions from U.S. Companies

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]