Vulnerabilities (Page 195)

Hacking PayPal’s Express Checkout

On: October 1, 2016

In: Important, Incidents, Vulnerabilities

Recent research on web security and related topics. Provided and maintained by members and friends of the Chair for Network and Data Security, Horst Görtz Institute, Ruhr-University Bochum. Do youRead More →

Microsoft seeks testers for ‘Project Springfield’ bug-detection service

On: October 1, 2016

In: Vulnerabilities

Microsoft is planning to make its internally-used ‘white-box fuzzing’ bug-detection service available to external customers and partners. Microsoft is looking for testers for a new bug-detection service that will runRead More →

Hacked Steam accounts spreading Remote Access Trojan

On: October 1, 2016

In: Important, Incidents, Malware, Vulnerabilities

Yesterday, I stumbled on a post where a Reddit user named Haydaddict was alerting people about some hacked Steam accounts spreading malware. As I am always interested in new malware, I took a lookRead More →

A Top-Shelf iPhone Hack Now Goes for $1.5 Million

On: September 30, 2016

In: Important, Mobile Security, Vulnerabilities

AS IOS AND Android mature, the stand-off between platforms and hackers escalates in kind. Each release brings new security measures, while those who want to break in—nation-state intelligence agencies andRead More →

Kaspersky decrypts Ransomware from TeamXRat

On: September 30, 2016

In: Important, Incidents, Malware, Vulnerabilities

Kaspersky posted a great article about their TeamXrat Ransomware analysis and how they were able to create a decryptor for its victims. Reported back in mid September in our forums, I and other security researchersRead More →

Part 1 – Minor Cross Site Scripting in ASUS RT-AC66U router when displaying SSID from site survey

On: September 28, 2016

In: Vulnerabilities

Now, this first one isn’t such a huge issue as it would require physical proximity to the router, at the same time that the user is trying to do aRead More →

Unsafe at any clock speed: Linux kernel security needs a rethink

On: September 28, 2016

In: Vulnerabilities

Ars reports from the Linux Security Summit—and finds much work that needs to be done. The Linux kernel today faces an unprecedented safety crisis. Much like when Ralph Nader famouslyRead More →

HANCITOR DOWNLOADER ABUSING APIS, POWERSHELL COMMANDS

On: September 27, 2016

In: Important, Incidents, Malware, Vulnerabilities

We recently observed Hancitor attacks against some of our FireEye Exploit Guard customers. The malicious document used to deliver the Hancitor executable was observed being distributed as an attachment inRead More →

As we speak, teen social site is leaking millions of plaintext passwords

On: September 27, 2016

In: Incidents, Vulnerabilities

i-Dressup operators fail to fix bug that exposes up to 5.5 million credentials. A social hangout website for teenage girls has sprung a leak that’s exposing plaintext passwords protecting as manyRead More →

BT Wi-Fi extender, extends to XSS and password changing vulnerabilities

On: September 23, 2016

In: Vulnerabilities

Following an investigation by Pen Test Partners, British Telecom (BT) has released a firmware upgrade for their popular range of Wi-Fi extenders. The investigation uncovered vulnerabilities within the firmware whenRead More →

Vulnerabilities (Page 195)

Hacking PayPal’s Express Checkout

Microsoft seeks testers for ‘Project Springfield’ bug-detection service

Hacked Steam accounts spreading Remote Access Trojan

A Top-Shelf iPhone Hack Now Goes for $1.5 Million

Kaspersky decrypts Ransomware from TeamXRat

Part 1 – Minor Cross Site Scripting in ASUS RT-AC66U router when displaying SSID from site survey

Unsafe at any clock speed: Linux kernel security needs a rethink

HANCITOR DOWNLOADER ABUSING APIS, POWERSHELL COMMANDS

As we speak, teen social site is leaking millions of plaintext passwords

BT Wi-Fi extender, extends to XSS and password changing vulnerabilities

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

Massive NVIDIA GPU Exploit Found. How Hackers Can Take Down 35% of AI Systems in Cloud!

Blast-RADIUS Attack Exploting Critical RADIUS Flaw Could Compromise Your Network

14 Million Servers Vulnerable to Critical OpenSSH Bug: Become Remote Admin with CVE-2024-6387

How Safe is Your TinyProxy? Step-by-Step Guide to Exploiting Tinyproxy’s Zero Day Vulnerability

Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

Five Techniques for Bypassing Microsoft SmartScreen and Smart App Control (SAC) to Run Malware in Windows

How Millions of Phishing Emails were Sent from Trusted Domains: EchoSpoofing Explained

How to implement Principle of Least Privilege(Cloud Security) in AWS, Azure, and GCP cloud

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

Web-Based PLC Malware: A New Technique to Hack Industrial Control Systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets

Major Python Infrastructure Breach – Over 170K Users Compromised. How Safe Is Your Code?

How to exploit Windows Defender Antivirus to infect a device with malware

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]