RSS ze světa hackingu


Unpatched Microsoft Word DDE Exploit Being Used In Widespread Malware Attacks

A newly discovered unpatched attacking method that exploits a built-in feature of Microsoft Office is currently being used in various widespread malware attack campaigns. Last week we reported how hackers could leveraging an old Microsoft Office feature called Dynamic Data Exchange (DDE), to perform malicious code execution on the targeted device without requiring Macros enabled or memory …

Datum: 20. 10. 2017

Google Play Store Launches Bug Bounty Program to Protect Popular Android Apps

Better late than never. Google has finally launched a bug bounty program for Android apps on Google Play Store, inviting security researchers to find and report vulnerabilities in some of the most popular Android apps. Dubbed "Google Play Security Reward," the bug bounty program offers security researchers to work directly with Android app developers to find and fix vulnerabilities in their …

Datum: 19. 10. 2017

Enable Google's New "Advanced Protection" If You Don't Want to Get Hacked

It is good to be paranoid when it comes to cybersecurity. Google already provides various advanced features such as login alerts and two-factor authentication to keep your Google account secure. However, if you are extra paranoid, Google has just introduced its strongest ever security feature, called "Advanced Protection," which makes it easier for users, who are usually at high risk of …

Datum: 18. 10. 2017

Dangerous Malware Allows Anyone to Empty ATMs—And It’s On Sale!

Hacking ATM is now easier than ever before. Usually, hackers exploit hardware and software vulnerabilities to hack ATMs and force them to spit out cash, but now anyone can simply buy a malware to steal millions in cash from ATMs. Hackers are selling ready-made ATM malware on an underground hacking forum that anybody can simply buy for around $5000, researchers at Kaspersky Lab discovered …

Datum: 17. 10. 2017

Learn Ethical Hacking — Get 8 Online Courses For Just $29

With the rise in cyber-crimes, ethical hacking has become a powerful strategy in the fight against online threats. In general terms, ethical hackers are authorised to break into supposedly 'secure' computer systems without malicious intent, but with the aim of discovering vulnerabilities to bring about improved protection. Ethical Hackers are now kind of becoming the alchemists of the 21st …

Datum: 17. 10. 2017

Microsoft Kept Secret That Its Bug-Tracking Database Was Hacked In 2013

It was not just Yahoo among "Fortune 500" companies who tried to keep a major data breach incident secret. Reportedly, Microsoft had also suffered a data breach four and a half years ago (in 2013), when a "highly sophisticated hacking group" breached its bug-reporting and patch-tracking database, but the hack was never made public until today. According to five former employees of the …

Datum: 17. 10. 2017

Serious Crypto-Flaw Lets Hackers Recover Private RSA Keys Used in Billion of Devices

If you think KRACK attack for WiFi is the worst vulnerability of this year, then hold on… ...we have got another one for you which is even worse. Microsoft, Google, Lenovo, HP and Fujitsu are warning their customers of a potentially serious vulnerability in widely used RSA cryptographic library produced by German semiconductor manufacturer Infineon Technologies. It's noteworthy that this …

Datum: 17. 10. 2017

Hackers Use New Flash Zero-Day Exploit to Distribute FinFisher Spyware

FinSpy—the infamous surveillance malware is back and infecting high-profile targets using a new Adobe Flash zero-day exploit delivered through Microsoft Office documents. Security researchers from Kaspersky Labs have discovered a new zero-day remote code execution vulnerability in Adobe Flash, which was being actively exploited in the wild by a group of advanced persistent threat actors, …

Datum: 16. 10. 2017

Yet Another Linux Kernel Privilege-Escalation Bug Discovered

Security researchers have discovered a new privilege-escalation vulnerability in Linux kernel that could allow a local attacker to execute code on the affected systems with elevated privileges. Discovered by Venustech ADLab (Active-Defense Lab) researchers, the Linux kernel vulnerability (CVE-2017-15265) is due to a use-after-free memory error in the Advanced Linux Sound Architecture (ALSA) …

Datum: 16. 10. 2017

How A Drive-by Download Attack Locked Down Entire City for 4 Days

We don't really know the pain and cost of a downtime event unless we are directly touched. Be it a flood, electrical failure, ransomware attack or other broad geographic events; we don't know what it is really like to have to restore IT infrastructure unless we have had to do it ourselves. We look at other people's backup and recovery issues and hope we are smarter or clever enough to keep …

Datum: 16. 10. 2017

Stránky: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139