RSS ze světa hackingu


Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site

Last week we received a tip about an unpatched vulnerability in the WordPress core, which could allow a low-privileged user to hijack the whole site and execute arbitrary code on the server. Discovered by researchers at RIPS Technologies GmbH, the "authenticated arbitrary file deletion" vulnerability was reported 7 months ago to the WordPress security team but remains unpatched and affects all …

Datum: 27. 6. 2018

Free Thanatos Ransomware Decryption Tool Released

If your computer has been infected with Thanatos Ransomware and you are searching for a free ransomware decryption tool to unlock or decrypt your files—your search is over here. Security researchers at Cisco Talos have discovered a weakness in the Thanatos ransomware code that makes it possible for victims to unlock their Thanatos encrypted files for free without paying any ransom in …

Datum: 26. 6. 2018

New Malware Family Uses Custom UDP Protocol for C&C Communications

Security researchers have uncovered a new highly-targeted cyber espionage campaign, which is believed to be associated with a hacking group behind KHRAT backdoor Trojan and has been targeting organizations in South East Asia. According to researchers from Palo Alto, the hacking group, which they dubbed RANCOR, has been found using two new malware families—PLAINTEE and DDKONG—to target …

Datum: 26. 6. 2018

Python-Based Adware Evolves to Install Malicious Browser Extensions

Security researchers have been warning of a few newly detected variants of python-based adware that are being distributed in the wild not only to inject ads but also found installing malicious browser extensions and hidden cryptocurrency miner into victims' computers. Dubbed PBot, or PythonBot, the adware was first uncovered more than a year ago, but since then the malware has evolved, as its …

Datum: 26. 6. 2018

WPA3 Standard Officially Launches With New Wi-Fi Security Features

The Wi-Fi Alliance today officially launched WPA3—the next-generation Wi-Fi security standard that promises to eliminate all the known security vulnerabilities and wireless attacks that are up today including the dangerous KRACK attacks. WPA, or Wi-Fi Protected Access, is a standard designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and is intended …

Datum: 26. 6. 2018

Android Gets New Anti-Spoofing Feature to Make Biometric Authentication Secure

Google just announced its plan to introduce a new anti-spoofing feature for its Android operating system that makes its biometric authentication mechanisms more secure than ever. Biometric authentications, like the fingerprint, IRIS, or face recognition technologies, smoothen the process of unlocking devices and applications by making it notably faster and secure. Although biometric systems …

Datum: 21. 6. 2018

Thousands of Mobile Apps Expose Their Unprotected Firebase Hosted Databases

Mobile security researchers have discovered unprotected Firebase databases of thousands of iOS and Android mobile applications that are exposing over 100 million data records, including plain text passwords, user IDs, location, and in some cases, financial records such as banking and cryptocurrency transactions. Google’s Firebase service is one of the most popular back-end development …

Datum: 21. 6. 2018

Google Solves Update Issue for Android Apps Installed from Unknown Sources

If you are wondering how to receive latest updates for an Android app—installed via a 3rd party source or peer-to-peer app sharing—directly from Google Play Store. For security reasons, until now apps installed from third-party sources cannot be updated automatically over-the-air, as Google does not recognize them as Play Store apps and they do not show up in your Google account app list as well …

Datum: 21. 6. 2018

Google Developer Discovers a Critical Bug in Modern Web Browsers

Google researcher has discovered a severe vulnerability in modern web browsers that could have allowed websites you visit to steal the sensitive content of your online accounts from other websites that you have logged-in the same browser. Discovered by Jake Archibald, a developer advocate for Google Chrome, the vulnerability resides in the way browsers handle cross-origin requests to video …

Datum: 20. 6. 2018

Popular Flight Tracker Flightradar24 Suffers Data Breach

One of the world's most popular flight tracking services Flightradar24, which shows real-time aircraft flight information on a map, has suffered a massive data breach that may have compromised email addresses and hashed passwords for more than 230,000 customers. Without revealing any information about the breach publically via their blog or social media accounts, Flightradar24 started sending …

Datum: 20. 6. 2018

Stránky: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144