SQL Injection & more via XSS in pgAdmin 4
2017-04-17
This is the story of how I found and exploited XSS (content injection) in the pgAdmin4 1.3 desktop client. (Before I get too much further if you use pgAdmin 4Read More →
Chrome, Firefox, and Opera Vulnerable to Undetectable Phishing Attack
2017-04-17
Browsers such as Chrome, Firefox, and Opera are vulnerable to a new variation of an older attack that allows phishers to register and pass fake domains as the websites ofRead More →
Somebody just hacked Ex-Premier League star Anthony Stokes lover Eilidh Scott’s iCloud account and leaked 240+ explicit images
2017-04-17
Somebody just hacked Ex-Premier League star Anthony Stokes lover Eilidh Scott’s iCloud account and leaked 240+ explicit images. Unknown Hackers hacked into Ex-Premier League star Anthony Stokes lover Eilidh Scott’sRead More →
Callisto APT Group exploited Hacking Team surveillance tools to hack Government targets
2017-04-17
The Callisto APT Group borrowed the source code leaked by hackers that broke into Hacking Team network. According to F-Secure Labs, The Callisto APT Group used the HackingTeam leaked surveillance software to gatherRead More →
EXPLOIT KIT ACTIVITY QUIETS, BUT IS FAR FROM SILENT
2017-04-15
Over the past six months, the roar of exploit kits has quieted to a whimper. But that doesn’t mean exploit kit threats are nonexistent. According to security experts, gangs behind themRead More →
Watch out, the Riddle vulnerability affects some Oracle MySQL versions. Update them now
2017-04-15
A bug dubbed Riddle vulnerability affecting MySQL 5.5 and 5.6 clients exposed user credentials to MiTM attacks. Update to version 5.7. A coding error dubbed The Riddle has been uncovered in theRead More →
CLDAP Protocol Allows DDoS Attacks with 70x Amplification Factor
2017-04-15
In a report released on Tuesday, Akamai says it spotted DDoS attacks leveraging the CLDAP protocol for the first time, and attacks using this protocol have the potential to incurRead More →
A Remote Attack on the Bosch Drivelog Connector Dongle
2017-04-15
In this blog post, I discuss the vulnerabilities of the Bosch Drivelog Connector OBD-II dongle found by the Argus Research Team. The vulnerabilities allowed us to stop the engine ofRead More →
LATENTBOT: Trace Me If You Can
2017-04-14
Through our Dynamic Threat Intelligence (DTI), we have observed multiple campaigns targeting multiple industries in the United States, United Kingdom, South Korea, Brazil, United Arab Emirates, Singapore, Canada, Peru andRead More →
Linux remote root bug menace: Make sure your servers, PCs, gizmos, Android kit are patched
2017-04-14
Ping of pwn: Malicious UDP packets may take over gear. A Linux kernel flaw that potentially allows miscreants to remotely control vulnerable servers, desktops, IoT gear, Android handhelds, and more,Read More →
