RSS ze světa hackingu


Firewall Bursting: A New Approach to Better Branch Security

One of the most common network security solutions is the branch firewall. Branch firewall appliances can pack into a single device a wide range of security capabilities including a stateful or next-generation firewall, anti-virus, URL filtering, and IDS/IPS. But the reality is that most of these edge devices lack the processing power to apply the full scope of capabilities on all of the …

Datum: 18. 12. 2017

Two Critical 0-Day Remote Exploits for vBulletin Forum Disclosed Publicly

Security researchers have discovered and disclosed details of two unpatched critical vulnerabilities in a popular internet forum software—vBulletin—one of which could allow a remote attacker to execute malicious code on the latest version of vBulletin application server. vBulletin is a widely used proprietary Internet forum software package based on PHP and MySQL database server. It powers …

Datum: 18. 12. 2017

Pre-Installed Password Manager On Windows 10 Lets Hackers Steal All Your Passwords

If you are running Windows 10 on your PC, then there are chances that your computer contains a pre-installed 3rd-party password manager app that lets attackers steal all your credentials remotely. Starting from Windows 10 Anniversary Update (Version 1607), Microsoft added a new feature called Content Delivery Manager that silently installs new "suggested apps" without asking for users’ …

Datum: 16. 12. 2017

TRITON Malware Targeting Critical Infrastructure Could Cause Physical Damage

Security researchers have uncovered another nasty piece of malware designed specifically to target industrial control systems (ICS) with a potential to cause health and life-threatening accidents. Dubbed Triton, also known as Trisis, the ICS malware has been designed to target Triconex Safety Instrumented System (SIS) controllers made by Schneider Electric—an autonomous control system that …

Datum: 15. 12. 2017

FCC Just Killed Net Neutrality—What Does This Mean? What Next?

Net neutrality is DEAD—5 out of 3 federal regulators have voted Thursday to hand control of the future of the Internet to cable and telecommunication companies, giving them powers to speed up service for websites they favor or slow down others. As proposed this summer, the US Federal Communications Commission (FCC) has rolled back Net Neutrality rules that require Internet Service Providers …

Datum: 15. 12. 2017

Zero-Day Remote 'Root' Exploit Disclosed In AT&T DirecTV WVB Devices

Security researchers have publicly disclosed an unpatched zero-day vulnerability in the firmware of AT&T DirecTV WVB kit after trying to get the device manufacturer to patch this easy-to-exploit flaw over the past few months. The problem is with a core component of the Genie DVR system that's shipped free of cost with DirecTV and can be easily exploited by hackers to gain root access and take …

Datum: 14. 12. 2017

Two Hackers Plead Guilty to Creating IoT-based Mirai DDoS Botnet

The U.S. federal officials have arrested two hackers who have pleaded guilty to computer-crimes charges for creating and distributing Mirai botnet that crippled some of the world's biggest and most popular websites by launching the massive DDoS attacks last year. According to the federal court documents unsealed Tuesday, Paras Jha and Josiah White were indicted by an Alaska court last week on …

Datum: 13. 12. 2017

Password Stealing Apps With Over A Million Downloads Found On Google Play Store

Even after so many efforts by Google like launching bug bounty program and preventing apps from using Android accessibility services, malicious applications somehow manage to get into Play Store and infect people with malicious software. The same happened once again when security researchers discovered at least 85 applications in Google Play Store that were designed to steal credentials from …

Datum: 13. 12. 2017

ROBOT Attack: 19-Year-Old Bleichenbacher Attack On RSA Encryption Reintroduced

A 19-year-old vulnerability has been re-discovered in the RSA implementation from at least 8 different vendors—including F5, Citrix, and Cisco—that can give remote attackers access to encrypted messages. Dubbed ROBOT (Return of Bleichenbacher's Oracle Attack), the attack allows an attacker to perform RSA decryption and cryptographic operations using the private key configured on the …

Datum: 12. 12. 2017

Collection of 1.4 Billion Plain-Text Leaked Passwords Found Circulating Online

Hackers always first go for the weakest link to quickly gain access to your online accounts. Online users habit of reusing the same password across multiple services gives hackers opportunity to use the credentials gathered from a data breach to break into their other online accounts. Researchers from security firm 4iQ have now discovered a new collective database on the dark web (released …

Datum: 12. 12. 2017

Stránky: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114