What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-10-16 17:16:59 | Britain\'s information commissioner fines British Airways for 2018 Hack (lien direct) | Britain's information commissioner has fined British Airways 20 million pounds for the 2018 hack that exposed data of 400,000 customers. In September 2018, British Airways suffered a data breach that exposed the personal information of 400,000 customers. The hackers potentially accessed the personal data of approximately 429,612 customers and staff. Exposed data included names, addresses, […] | Data Breach Hack | ||
 |
2020-10-16 10:52:28 | Dickey\'s hack leaks information of 3 million customers (lien direct) | One of the biggest BBQ chain restaurants in America, Dickey’s has suffered a huge breach, leaking the card details of more than 3 million customers. This information was posted on Joker’s Stash, a carding and fraud forum. A cybersecurity firm called Gemini Advisory, who track financial fraud made the initial discovery of the breach. The […] | Hack | ||
 |
2020-10-15 19:04:10 | Experts Insight On Barnes & Noble Hack (lien direct) | It has been reported that Barnes & Noble revealed that that its corporate systems fell victim to a cyber attack and that the hackers may have gotten away with some important information about B&N's customers, potentially including their addresses. No financial information or payment details were pilfered during the attack. These are, Barnes & Noble explains, always encrypted and tokenized. It … The ISBuzz Post: This Post Experts Insight On Barnes & Noble Hack | Hack | ||
 |
2020-10-15 15:45:00 | Twitter Hack Analysis Drives Calls for Greater Security Regulation (lien direct) | New York's Department of Financial Services calls for more cybersecurity regulation at social media firms following the "jarringly easy" Twitter breach. | Hack | ★★★★★ | |
 |
2020-10-14 19:34:25 | Yes, we can validate leaked emails (lien direct) | When emails leak, we can know whether they are authenticate or forged. It's the first question we should ask of today's leak of emails of Hunter Biden. It has a definitive answer.Today's emails have "cryptographic signatures" inside the metadata. Such signatures have been common for the past decade as one way of controlling spam, to verify the sender is who they claim to be. These signatures verify not only the sender, but also that the contents have not been altered. In other words, it authenticates the document, who sent it, and when it was sent.Crypto works. The only way to bypass these signatures is to hack into the servers. In other words, when we see a 6 year old message with a valid Gmail signature, we know either (a) it's valid or (b) they hacked into Gmail to steal the signing key. Since (b) is extremely unlikely, and if they could hack Google, they could a ton more important stuff with the information, we have to assume (a).Your email client normally hides this metadata from you, because it's boring and humans rarely want to see it. But it's still there in the original email document. An email message is simply a text document consisting of metadata followed by the message contents.It takes no special skills to see metadata. If the person has enough skill to export the email to a PDF document, they have enough skill to export the email source. If they can upload the PDF to Scribd (as in the story), they can upload the email source. I show how to below.To show how this works, I send an email using Gmail to my private email server (from gmail.com to robertgraham.com).The NYPost story shows the email printed as a PDF document. Thus, I do the same thing when the email arrives on my MacBook, using the Apple "Mail" app. It looks like the following: The "raw" form originally sent from my Gmail account is simply a text document that looked like the following: This is rather simple. Client's insert details like a "Message-ID" that humans don't care about. There's also internal formatting details, like the fact that this is a "plain text" message rather than an "HTML" email.But this raw document was the one sent by the Gmail web client. It then passed through Gmail's servers, then was passed across the Internet to my private server, where I finally retrieved it using my MacBook.As email messages pass through servers, the servers add their own metadata.When it arrived, the "raw" document looked like the following. None of the important bits changed, but a lot more metadata was added: |
Hack Guideline | ||
 |
2020-10-13 11:00:00 | What is search engine clickbait and how do hackers trick Google\'s crawlers? (lien direct) | This blog was written by an independent guest blogger. Search engine optimization (SEO) works with algorithms to ensure that the most relevant and most popular webpages show up first in an internet search. SEO makes sure that the best websites get the biggest boost. However, SEO has a lesser-known, evil twin called black hat SEO. This term refers to a common trick of cybercriminals. Black hat SEO is meant to circumvent algorithms, exploit weaknesses, and create fraudulent links. The goal of these actions is to push malware-laden websites and other nefarious web pages on to unexpecting users. In this article, I will discuss the top ways cybercriminals hijack search engines and some examples of successful black hat SEO attempts. Understanding how cybercriminals operate and spotting their tricks can be an effective way to protect remote workforces and keep casual users safe. Stealing SEO Hackers want to catch users off guard when they are browsing the internet. They want you to click on their links and download their files so they can install malware, ransomware or other viruses on your computer. One way they can achieve this is by piggybacking off the popularity of well-established websites. This rudimentary technique can be used by even the most novice hacker. For example, some websites allow users to post comments or upload files on their webpage. Hackers can post a link to their malware or upload a file that contains a virus on a popular webpage. They know that the website has a large audience, so chances are someone will click on it. A hack like this recently happened on the UNESCO website and a Cuban government website, among a few others. A user under the moniker m1gh7yh4ck3r uploaded PDF files offering help in hacking into online accounts. When users clicked on the links, it led to a variety of scam websites that urged visitors to download files in exchange for the program. All the websites used an outdated Drupal CMS system tied to a Webform module that had vulnerabilities in the file share function. Modern websites can avoid having these glaring vulnerabilities by using SAST (Static Application Security Testing) to automatically scan written code for weaknesses. Coronavirus clickbait This particular hacking technique takes advantage of the coronavirus global health crisis. This technique exploits the fact that so many people around the world rely on the internet to provide them with information. This hack is very similar to the hack that was successfully used on the UNESCO website. It doesn’t take extensive Cybersecurity IQ training to understand. Researchers recently discovered fraudulent, online drugstores using credible health websites with coronavirus-related headlines to gain web traffic. The cybercriminals visited high-profile health websites with comments sections or forums and used bots to post a multitude of messages linking to their website. Of course, most of the messages enticed users by claiming to have cures for coronavirus, or by promising those who click easy access to illicit drugs. An additional benefit for the bad actors is that websites with many coronavirus-related keywords will rank higher on a Google search due to high public interest. The bad actors with the dangerous links gain SEO credibility by the increased traf | Ransomware Malware Hack Vulnerability | ||
 |
2020-10-13 10:45:33 | London\'s Hackney Borough Council hit by hack attack (lien direct) | Many details have yet to be shared, but mayor admits some services may be unavailable for some time. | Hack | ||
|
2020-10-11 09:21:25 | Security Affairs newsletter Round 285 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. HP Device Manager flaws expose Windows systems to hack Visa shares details for two attacks on North American hospitality merchants Australian social news platform leaks 80,000 user records Experts warn […] | Hack | ||
|
2020-10-09 13:32:54 | Wisepay: School Payments Service Hit By Cyber-Attack (lien direct) | As reported by BBC News, parents who made payments to UK schools in recent days via the Wisepay service have been warned their card details have been compromised. Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page. Attempted payments to … The ISBuzz Post: This Post Wisepay: School Payments Service Hit By Cyber-Attack | Hack | ||
|
2020-10-08 15:56:26 | Cellmate chastity gadget hack thwarted by screwdriver trick (lien direct) | The maker of a male chastity toy says it can be prised open, after researchers find a security flaw. | Hack | ||
|
2020-10-06 14:56:04 | Cellmate: Male chastity gadget hack could lock users in (lien direct) | The Chinese maker of the toy has updated the app involved, but some users remain at risk. | Hack | ||
|
2020-10-06 11:31:16 | Hacker infiltrates $15 million deal (lien direct) | A cybercriminal managed to infiltrate a commercial transaction, hiding long enough to get the final amount of $15 million. The fraudster carefully executed an email compromise that lasted for 2 months. When they gained access to the email chain they placed themselves in the transaction to diverted the money. Investigators have linked the hack to […] | Hack | ||
|
2020-10-05 10:56:00 | Hacker leaves literal fingerprints at the crime scene (lien direct) | Darktrace has potentially been experienced the dumbest hack of all time, where the criminal purposely left their fingerprints at the crime scene. The AI company had installed fingerprint scanners at their warehouse to reduce the risk of attacks like these. The hacker began to delete fingerprints on the system in order to add theirs in […] | Hack | ||
|
2020-10-04 08:27:09 | HP Device Manager flaws expose Windows systems to hack (lien direct) | HP published details of three vulnerabilities in the HP Device Manager that could be exploited by attackers to take over Windows systems. HP released a security advisory that includes details for three critical and high severity vulnerabilities, tracked as CVE-2020-6925, CVE-2020-6926, and CVE-2020-6927, that impact the HP Device Manager. The IT giant revealed that an attacker could […] | Hack | ||
|
2020-10-01 11:57:36 | Flaws in leading industrial remote access systems allow disruption of operations (lien direct) | Experts found critical security flaws in two popular industrial remote access systems that could be exploited by threat actors for malicious purposes. Security researchers from Israeli firm OTORIO found critical vulnerabilities in leading industrial remote access systems that could be exploited by attackers to ban access to industrial production floors, hack into company networks, tamper […] | Hack Threat Guideline | ||
|
2020-10-01 11:30:44 | Blackbaud: Bank details and passwords at risk in giant charities hack (lien direct) | Millions of people were affected by breach, which firm previously said did not involve bank details. | Hack | ||
 |
2020-10-01 01:29:08 | Critical Flaws Discovered in Popular Industrial Remote Access Systems (lien direct) | Cybersecurity researchers have found critical security flaws in two popular industrial remote access systems that can be exploited to ban access to industrial production floors, hack into company networks, tamper with data, and even steal sensitive business secrets.
The flaws, discovered by Tel Aviv-based OTORIO, were identified in B&R Automation's SiteManager and GateManager, and MB Connect |
Hack | ||
 |
2020-09-30 19:50:00 | North Korea has tried to hack 11 officials of the UN Security Council (lien direct) | New UN Security Council report reveals repeated targeting of UN Security Council officials over the past year. | Hack | ||
|
2020-09-29 12:56:50 | FBI and CISA warn of disinformation campaigns about the hack of voter systems (lien direct) | The FBI and the US CISA issued a joint public service announcement about the threat of disinformation campaigns targeting the 2020 US election. The Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) issued a joint public service announcement to warn of the threat of disinformation campaigns targeting the upcoming 2020 […] | Hack Threat | ||
|
2020-09-25 14:39:55 | Fortinet VPN with default certificate exposes 200,000 businesses to hack (lien direct) | According to SAM Seamless Network, over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes. The configuration of the VPN […] | Hack | ||
|
2020-09-24 03:11:10 | Major Instagram App Bug Could\'ve Given Hackers Remote Access to Your Phone (lien direct) | Ever wonder how hackers can hack your smartphone remotely?
In a report shared with The Hacker News today, Check Point researchers disclosed details about a critical vulnerability in Instagram's Android app that could have allowed remote attackers to take control over a targeted device just by sending victims a specially crafted image.
What's more worrisome is that the flaw not only lets attackers |
Hack | ||
 |
2020-09-22 12:05:26 | 10 Raspberry Pi alternatives for you to try out (lien direct) | Working on a DIY hardware hack but don't like the taste of Raspberry Pi? Don't fret: here are 10 great alternatives for you to try. | Hack | ||
 |
2020-09-22 10:00:00 | Get Lost With a Signal-Blocking Smartphone Pouch (lien direct) | It's not hard for bad actors to track or hack your phone. But put it inside a Faraday pouch and you can drop off the digital map. | Hack | ★★ | |
|
2020-09-21 19:06:56 | Experts On Major Activision Hack Reportedly Compromises Over 500k CoD Accounts (lien direct) | Over 500,000 Activision accounts have reportedly been hacked in a new Activision data breach on September 20, leaving Call of Duty players in limbo. All Call of Duty players should be on notice after a major Activision hack has left millions of accounts in limbo. As of the time of publishing, over 500,000 Activision accounts … The ISBuzz Post: This Post Experts On Major Activision Hack Reportedly Compromises Over 500k CoD Accounts | Data Breach Hack | ||
|
2020-09-18 10:45:31 | Police launch homicide inquiry after German hospital hack (lien direct) | Woman dies being transferred from German hospital which is hit by hackers. | Hack | ||
 |
2020-09-16 23:09:15 | Smashing Security podcast #196: Smart guns, smart cars, and smart street lights – oh my! (lien direct) | Kalashnikov unveils its “smart” shotgun, San Diego struggles with its street lights, and a researcher reveals how he found a way to hack every Tesla on the planet. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined … Continue reading "Smashing Security podcast #196: Smart guns, smart cars, and smart street lights – oh my!" | Hack | ||
|
2020-09-16 11:10:05 | French law enforcement deploy malware to hack into organised crime networks (lien direct) | French law enforcement have deployed malware to Encrochat devices in the effort to infiltrate criminal networks. Encrochat is largely used on Andriod phones using an encrypted network for communication, hence its popularity within organised crime including drug trafficking. The malware deployed has the ability to harvest all the data sorted on the phone from messages […] | Malware Hack | ||
|
2020-09-10 08:57:19 | (Déjà vu) Hackers stole $5.4 million from cryptocurrency exchange ETERBASE (lien direct) | Slovak cryptocurrency exchange ETERBASE disclosed a security breach, hackers stole cryptocurrency funds worth $5.4 million. Slovak cryptocurrency exchange ETERBASE disclosed a security breach, the hackers stole Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets worth $5.4 million. The company disclosed the hack on Thursday, threat actors have stolen various cryptocurrencies from its hot wallets, it […] | Hack Threat | ||
|
2020-09-10 01:05:03 | Slovak cryptocurrency exchange ETERBASE discloses $5.4 million hack (lien direct) | Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets were stolen in the hack. | Hack | ||
 |
2020-09-09 03:00:23 | Learn Ghidra From Home at SecTor 2020 (lien direct) | Running the IoT Hack Lab at SecTor has been a highlight of my year since 2015. Although we won't be back this year to fill our corner of the MTCC, I'm happy to be teaching A Beginner's Guide to Reversing with Ghidra as part of the SecTor 2020 virtual conference October 19-20. Ghidra is an […]… Read More | Hack | ||
|
2020-09-08 15:12:12 | Expert found multiple critical issues in MoFi routers (lien direct) | Researchers found multiple vulnerabilities in MoFi Network routers, including critical flaws that can be exploited to remotely hack a device. The researchers Rich Mirch from CRITICALSTART discovered ten vulnerabilities MOFI4500 MoFi Network routers. The expert reported the issues to the vendor in May but some of the flaws have yet to be patched. Most of […] | Hack | ||
 |
2020-09-03 11:11:10 | The FBI Intrusion Notification Program (lien direct) | The FBI intrusion notification program is one of the most important developments in cyber security during the last 15 years. This program achieved mainstream recognition on 24 March 2014 when Ellen Nakashima reported on it for the Washington Post in her story U.S. notified 3,000 companies in 2013 about cyberattacks. The story noted the following:"Federal agents notified more than 3,000 U.S. companies last year that their computer systems had been hacked, White House officials have told industry executives, marking the first time the government has revealed how often it tipped off the private sector to cyberintrusions...About 2,000 of the notifications were made in person or by phone by the FBI, which has 1,000 people dedicated to cybersecurity investigations among 56 field offices and its headquarters. Some of the notifications were made to the same company for separate intrusions, officials said. Although in-person visits are preferred, resource constraints limit the bureau's ability to do them all that way, former officials said...Officials with the Secret Service, an agency of the Department of Homeland Security that investigates financially motivated cybercrimes, said that they notified companies in 590 criminal cases opened last year, officials said. Some cases involved more than one company."The reason this program is so important is that it shattered the delusion that some executives used to reassure themselves. When the FBI visits your headquarters to tell you that you are compromised, you can't pretend that intrusions are "someone else's problem."It may be difficult for some readers to appreciate how prevalent this mindset was, from the beginnings of IT to about the year 2010.I do not know exactly when the FBI began notifying victims, but I believe the mid-2000's is a safe date. I can personally attest to the program around that time.I was reminded of the importance of this program by Andy Greenberg's new story The FBI Botched Its DNC Hack Warning in 2016-but Says It Won't Next Time. I strongly disagree with this "botched" characterization. Andy writes:"[S]omehow this breach [of the Democratic National Committee] had come as a terrible surprise-despite an FBI agent's warning to [IT staffer Yared] Tamene of potential Russian hacking over a series of phone calls that had begun fully nine months earlier.The FBI agent's warnings had 'never used alarming language,' Tamene would tell the Senate committee, and never reached higher than the DNC's IT director, who dismissed them after a cursory search of the network for signs of foul play."As with all intrusions, criminal responsibility lies with the intruder. However, I do not see why the FBI is supposed to carry the blame for how this intrusion unfolded. According to investigatory documents and this Crowdstrike blog post on their involvement, at least seven months passed from the time the FBI notified the DNC (sometime in September 2015) and when they contacted Crowdstrike (30 April 2015). That is ridiculous. If I received a call from the FBI even hinting at a Russian presence in my network, I would be on the phone with a professional incident response firm right after I briefed the CEO about the call.I'm glad the FBI continues to improve its victim notification procedures, but it doesn't make much of a difference if the individuals running IT and the organization are negligent, either through incompetence or inaction.Copyright 2003-2020 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and w | Hack | ||
|
2020-09-02 15:56:16 | The FBI Botched Its DNC Hack Warning in 2016-but Says It Won\'t Next Time (lien direct) | Facing looming election threats and a ransomware epidemic, the bureau says it has revamped its process for warning hacking victims. | Ransomware Hack | ||
|
2020-09-02 11:00:00 | How Covid-19 has increased vulnerabilities in Industrial Control Systems (lien direct) | This blog was written by an independent guest blogger. By now, most are aware that the Covid-19 pandemic has led to a spike in cyberattacks. This sharp increase in malicious activity related to COVID has taken the typical form of adversaries seeking to benefit financially, gain unauthorized access to networks for immediate and long-term strategic benefit, and spread misinformation with political agendas. Much of this is a direct result of the work from home (WFH) phenomenon. With organizations and businesses rapidly deploying systems and networks to support remote staff, criminals can’t help themselves. Increased security vulnerabilities have offered the opportunity to steal data, generate profits, and generally cause havoc. In one four-month period (January to April) some 907,000 spam messages, 737 incidents related to malware, and 48,000 malicious URLs – all related to COVID-19 – were detected by one of INTERPOL’s private sector partners. There are a number of other threats, though, that have also been caused by the pandemic but that are less visible. One of these is the increased vulnerability of industrial control systems. The threat The most up to date data on the vulnerability of industrial control systems, and how this has been affected by the pandemic, comes courtesy of the ICS Risk & Vulnerability Report, released this week by Claroty. This research contains an assessment of 365 ICS vulnerabilities published by the National Vulnerability Database (NVD) and 139 ICS advisories issued by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) during the first half of 2020, affecting 53 vendors. The findings are striking, and particularly so given how many systems engineers now work from home. Fully 70% of the vulnerabilities published by the NVD can be exploited remotely, while the most common potential impact is remote code execution, which is possible with 49% of the vulnerabilities. When combined with the fact that recent research has found that 83% of firms are simultaneously struggling to ensure the security of remote working systems, this is highly concerning. In practice, this means that if an organization’s remote working systems are insecure – which seems likely, given the difficulties that many have reported in recent months – then hackers may be granted an increased capability to remotely execute malicious code on industrial systems. The Impact The increased likelihood of this kind of attack should concern all organizations working with industrial control systems, but especially those companies employing centralized systems such as DCS, SCADA, or PLS. In recent years, these solutions have been used for networking previously discrete industrial systems together. While this has allowed organizations to dramatically increase their efficiency and productivity, it potentially leaves these systems open to laterally-deployed cyberattacks. This risk is compounded by a similarly worrying trend in international cyber warfare. Tho | Spam Hack Vulnerability Guideline | ||
|
2020-09-02 08:29:45 | AusCERT says alleged DoE hack came from a third-party (lien direct) | AusCERT says a data breach occurred at K7Maths, a company providing services to schools. | Data Breach Hack | ||
|
2020-09-01 10:53:27 | Hack this email account… plz plz plz! (lien direct) | Running a security blog means that I'm always interested in receiving tips about data breaches, vulnerabilities, malware attacks, and the like. But I do explain that I'm not available to help troubleshoot PC problems or provide technical support – there simply aren't enough hours in the day, and it doesn't put any crumbs on the dining room table. This morning, however, I received a very polite message from a reader of the blog. | Malware Hack | ||
|
2020-08-28 11:35:19 | Experts Reacted On Musk Confirms Russian Hack Targeted Tesla Factory (lien direct) | The US authorities arrested and charged a Russian national in US who was recruiting and convincing a Tesla’s employee to install a malware at Tesla factory in Nevada. The Telsa CEO Elon Musk also confimed the plot by tweet.The cybersecurity experts reacted on this new plot. The ISBuzz Post: This Post Experts Reacted On Musk Confirms Russian Hack Targeted Tesla Factory | Malware Hack | ||
|
2020-08-26 12:40:00 | Russian National Arrested for Conspiracy to Hack Nevada Company (lien direct) | The defendant allegedly planned to pay an employee $1 million to infect the company network with malware. | Hack | ||
|
2020-08-26 00:57:04 | Russian arrested for trying to recruit an insider and hack a Nevada company (lien direct) | A Russian national traveled to the US to recruit and convince an employee of a Nevada company to install malware on the company's network. | Malware Hack | ||
|
2020-08-24 15:21:46 | Former Uber Security Chief Charged With Paying Hush Money To Cover Up 2016 Hack (lien direct) | As reported by The Verge, Uber's former security chief has been charged with obstruction of justice for trying to hide a data breach from the Federal Trade Commission and Uber management, according to a statement from the Department of Justice. Joseph Sullivan, who was Uber's chief security officer from April 2015 to November 2017, allegedly concealed … The ISBuzz Post: This Post Former Uber Security Chief Charged With Paying Hush Money To Cover Up 2016 Hack | Data Breach Hack | Uber | |
|
2020-08-22 08:15:04 | Thousands of WordPress WooCommerce stores potentially exposed to hack (lien direct) | Hackers are attempting to exploit multiple vulnerabilities in the Discount Rules for WooCommerce WordPress plugin, which has 30,000+ installations. Researchers from security firm WebArx reported that Hackers are actively attempting to exploit numerous flaws in the Discount Rules for WooCommerce WordPress plugin. The list of vulnerabilities includes SQL injection, authorization flaws, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities. Discount […] | Hack | ||
|
2020-08-21 17:48:00 | Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators (lien direct) | Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. During the ordinary monitoring of Deepweb and Darkweb, researchers at Cyble came across the leak disclosure post published by the Maze ransomware operators that claim the hack of the Hoa Sen […] | Ransomware Hack Threat | ||
|
2020-08-21 10:04:22 | Uber ex-security boss accused of covering up hack attack (lien direct) | Joseph Sullivan has been charged with obstruction of justice in the US over a 2016 data breach. | Hack | Uber | |
|
2020-08-20 20:51:02 | Former Uber CSO charged for 2016 hack cover-up (lien direct) | DOJ officials say former Uber CSO Joe Sullivan lied to management about the security breach and paid hush money to the hackers. | Hack | Uber | |
|
2020-08-20 16:30:00 | Former Uber CSO Charged in Hack Cover-up (lien direct) | The charges stem from a 2016 attack in which 57 million records were breached. | Hack | Uber | |
|
2020-08-20 16:04:43 | CVE-2020-3446 default credentials bug exposes Cisco ENCS, CSP Appliances to hack (lien direct) | Cisco addressed a critical default credentials vulnerability (CVE-2020-3446) affecting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco fixed a critical default credentials vulnerability impacting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco Wide Area Application Services (WAAS) is technology developed by Cisco Systems that optimizes […] | Hack Vulnerability | ||
 |
2020-08-19 16:13:10 | Law Enforcement Websites Hit by BlueLeaks May Have Been Easy To Hack (lien direct) | ASPX Shell, compressing files with 7-Zip | Hack | ||
|
2020-08-16 13:26:41 | Security Affairs newsletter Round 277 (lien direct) | A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Homoglyph attacks used in phishing campaign and Magecart attacks Remotely hack a Mercedes-Benz E-Class is possible, experts demonstrated US OCC imposed an $80 Million fine to Capital One for 2019 […] | Hack | ||
|
2020-08-14 12:47:01 | BootHole vulnerability in Linux systems renders servers unbootable (lien direct) | It was reported this week by Naked Security that Linux systems are affected by a vulnerability that can render those Linux servers unbootable. BootHole leverages a vulnerability in both GRUB2 and Secure Boot, explains TechRepublic. To make BootHole a bit more daunting, it’s actually a really easy hack to pull off. The only thing blocking […] | Hack Vulnerability | ||
|
2020-08-13 15:44:53 | Report: Unskilled hackers can breach about 3 out of 4 companies (lien direct) | Positive Technologies found in a recent study that criminals with few skills can hack a company in less than 30 minutes. | Hack |
To see everything:
Our RSS (filtrered)
