RSS ze světa hackingu


jQuery Official Blog Hacked — Stay Calm, Library is Safe!

The official blog of jQuery—most popular JavaScript library used by millions of websites—has been hacked by some unknown hackers, using the pseudonym "str0ng" and "n3tr1x." jQuery's blog website (blog.jquery.com) runs on WordPress—the world's most popular content management system (CMS) used by millions of websites. While there is no evidence yet if the server ( …

Datum: 26. 10. 2017

Hacker Hijacks CoinHive's DNS to Mine Cryptocurrency Using Thousands of Websites

When yesterday I was reporting about the sudden outbreak of another global ransomware attack 'Bad Rabbit,' I thought what could be worse than this? Then late last night I got my answer with a notification that Coinhive has been hacked — a popular browser-based service that offers website owners to embed a JavaScript to utilise their site visitors' CPUs power to mine the Monero cryptocurrency …

Datum: 25. 10. 2017

Bad Rabbit: New Petya-like Ransomware Rapidly Spreading Across Europe

A new widespread ransomware attack is spreading like wildfire around Europe and has already affected over 200 major organisations, primarily in Russia, Ukraine, Turkey and Germany, in the past few hours. Dubbed "Bad Rabbit," is reportedly a new Petya-like targeted ransomware attack against corporate networks, demanding 0.05 bitcoin (~ $285) as ransom from victims to unlock their systems. …

Datum: 24. 10. 2017

DUHK Attack Lets Hackers Recover Encryption Key Used in VPNs & Web Sessions

DUHK — Don't Use Hard-coded Keys — is a new 'non-trivial' cryptographic implementation vulnerability that could allow attackers to recover encryption keys that secure VPN connections and web browsing sessions. DUHK is the third crypto-related vulnerability reported this month after KRACK Wi-Fi attack and ROCA factorization attack. The vulnerability affects products from dozens of vendors, …

Datum: 24. 10. 2017

Kaspersky Opens Antivirus Source Code for Independent Review to Rebuild Trust

Kaspersky Lab — We have nothing to hide! Russia-based Antivirus firm hits back with what it calls a "comprehensive transparency initiative," to allow independent third-party review of its source code and internal processes to win back the trust of customers and infosec community. Kaspersky launches this initiative days after it was accused of helping, knowingly or unknowingly, Russian …

Datum: 23. 10. 2017

Android getting "DNS over TLS" to prevent ISPs from knowing what websites you visit

No doubt your Internet Service Provides (ISPs), or network-level hackers cannot spy on https communications. But do you know — ISPs can still see all of your DNS requests, allowing them to know what websites you visit. Google is working on a new security feature for Android that could prevent your Internet traffic from network spoofing attacks. that Almost every Internet activity starts with …

Datum: 23. 10. 2017

New Rapidly-Growing IoT Botnet Threatens to Take Down the Internet

Just a year after Mirai—biggest IoT-based malware that caused vast Internet outages by launching massive DDoS attacks—completed its first anniversary, security researchers are now warning of a brand new rapidly growing IoT botnet. Dubbed 'IoT_reaper,' first spotted in September by researchers at firm Qihoo 360, the new malware no longer depends on cracking weak passwords; instead, it exploits …

Datum: 21. 10. 2017

Unpatched Microsoft Word DDE Exploit Being Used In Widespread Malware Attacks

A newly discovered unpatched attacking method that exploits a built-in feature of Microsoft Office is currently being used in various widespread malware attack campaigns. Last week we reported how hackers could leveraging an old Microsoft Office feature called Dynamic Data Exchange (DDE), to perform malicious code execution on the targeted device without requiring Macros enabled or memory …

Datum: 20. 10. 2017

Google Play Store Launches Bug Bounty Program to Protect Popular Android Apps

Better late than never. Google has finally launched a bug bounty program for Android apps on Google Play Store, inviting security researchers to find and report vulnerabilities in some of the most popular Android apps. Dubbed "Google Play Security Reward," the bug bounty program offers security researchers to work directly with Android app developers to find and fix vulnerabilities in their …

Datum: 19. 10. 2017

Enable Google's New "Advanced Protection" If You Don't Want to Get Hacked

It is good to be paranoid when it comes to cybersecurity. Google already provides various advanced features such as login alerts and two-factor authentication to keep your Google account secure. However, if you are extra paranoid, Google has just introduced its strongest ever security feature, called "Advanced Protection," which makes it easier for users, who are usually at high risk of …

Datum: 18. 10. 2017

Stránky: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109