Data Security (Page 113)

Data Security News | Infosec Blog | Information Security Tutorials

Researchers uncover PowerShell Trojan that uses DNS queries to get its orders

On: March 3, 2017

In: Important, Incidents, Malware, Vulnerabilities

Delivered by “secure” Word doc, pure PowerShell malware fetches commands from DNS TXT records. Researchers at Cisco’s Talos threat research group are publishing research today on a targeted attack deliveredRead More →

XSS flaws in Zscaler Cloud management software allow logged attackers to hack coworkers

On: March 1, 2017

In: Important, Incidents, Malware, Vulnerabilities

Zscaler has fixed persistent XSS vulnerabilities affecting Zscaler Cloud management software that allow logged attackers to hack coworkers. Serious cross-site scripting (XSS) flaws in the Zscaler Cloud management software could be exploitedRead More →

Web Cache Deception Attack

On: February 28, 2017

In: Important, Incidents, Malware, Vulnerabilities

A few words about caching and reactions Websites often tend to use web cache functionality (for example over a CDN, a load balancer, or simply a reverse proxy). The purposeRead More →

Stolen EHR data is flooding criminal underground communities in the Deep Web

On: February 27, 2017

In: Important, Vulnerabilities

EHR data are precious commodities in the cyber criminal underground because of the lack of cyber security of healthcare industry. Electronic health record databases are becoming the most precious commoditiesRead More →

Vulnerability Deep Dive – Ichitaro Office Excel File Code Execution Vulnerability

On: February 25, 2017

In: Important, Vulnerabilities

Vulnerabilities in word processing and office productivity suites are useful targets for exploitation by threat actors. Users frequently encounter file types used by these software suites in their day toRead More →

Malware Uses Blinking Hard Drive LEDs to Transmit Data to Nearby Cameras

On: February 23, 2017

In: Important, Incidents, Malware, Vulnerabilities

Custom-made malware installed on an offline computer can use a hard drive’s LED to send out sensitive data from infected computers to nearby cameras. This Hollywood hacking scenario is nowRead More →

New macOS Patcher Ransomware Locks Data for Good, No Way to Recover Your Files

On: February 23, 2017

In: Important, Incidents, Malware, Vulnerabilities

A newly discovered ransomware family calling itself Patcher is targeting macOS users, but according to security researchers from ESET, who discovered the ransomware last week, Patcher bungles the encryption processRead More →

DomainMonster mash: Hundreds of websites vandalized after Brit web host server hacked

On: February 22, 2017

In: Important, Incidents, Vulnerabilities

Small biz wakes up to find online homes defaced. Hundreds of websites have been defaced by hackers who hijacked a web-hosting server run by UK domain registrar DomainMonster. The index.phpRead More →

Revisiting Windows Security Hardening Through Kernel Address Protection

On: February 22, 2017

In: Important, Incidents, Malware, Vulnerabilities

Back in 2011 when Windows 7 Service Pack 1 was king of the hill and I was just starting to learn to program (via Harvard’s epic CS50), j00ru published aRead More →

ISIS Supporters Targeted with Android OmniRAT Malware

On: February 16, 2017

In: Important, Incidents, Malware, Mobile Security, Vulnerabilities

Islamic State supporters are being targeted with a modified version of the Telegram Android app that contains a version of the OmniRAT remote access toolkit. The app, named plus_gram.apk, isRead More →

Data Security (Page 113)

Researchers uncover PowerShell Trojan that uses DNS queries to get its orders

Web Cache Deception Attack

Stolen EHR data is flooding criminal underground communities in the Deep Web

Vulnerability Deep Dive – Ichitaro Office Excel File Code Execution Vulnerability

Malware Uses Blinking Hard Drive LEDs to Transmit Data to Nearby Cameras

New macOS Patcher Ransomware Locks Data for Good, No Way to Recover Your Files

DomainMonster mash: Hundreds of websites vandalized after Brit web host server hacked

Revisiting Windows Security Hardening Through Kernel Address Protection

ISIS Supporters Targeted with Android OmniRAT Malware

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

FortiGate Firewalls Zero-Day Chaos: How Hackers Are Gaining Control of Firewalls Worldwide – Is Your Network at Risk?

How Hackers Can Hijack Your Device Without You Knowing – MediaTek’s RCE Flaw Explained

Hacking Active Directory: Learn How LDAPNightmare Flaw Shuts Down AD Services

PAN-OS DoS Flaw: Is Your Network at Risk? Learn How to Secure It Now!

Don’t Get Hacked! Sophos Firewall Vulnerabilities Explained

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

Five Techniques for Bypassing Microsoft SmartScreen and Smart App Control (SAC) to Run Malware in Windows

How Millions of Phishing Emails were Sent from Trusted Domains: EchoSpoofing Explained

How to implement Principle of Least Privilege(Cloud Security) in AWS, Azure, and GCP cloud

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

Web-Based PLC Malware: A New Technique to Hack Industrial Control Systems

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets

Major Python Infrastructure Breach – Over 170K Users Compromised. How Safe Is Your Code?

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]