Posts

Showing posts from October, 2016

Google Online Security Blog: Disclosing vulnerabilities to protect users

http://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html

Appointments on hold as (computer) virus wreaks havoc with NHS trust systems • The Register

http://www.theregister.co.uk/2016/10/31/virus_shuts_down_nhs_trust/

Windows Atom Tables popped by security researchers

http://www.theregister.co.uk/2016/10/28/windows_atom_tables_popped_by_security_researchers/

The hacker who stole photos of famous actresses has been convicted - Il Post

http://www.ilpost.it/2016/10/28/hacker-foto-attrici-famose/

The Red Cross Blood Service: Australia's largest ever leak of personal data

https://www.troyhunt.com/the-red-cross-blood-service-australias-largest-ever-leak-of-personal-data/

Contractor behind Australia's biggest-ever data breach revealed

http://www.itnews.com.au/news/contractor-behind-australias-biggest-ever-data-breach-revealed-440339

How Hackers Broke Into John Podesta and Colin Powell’s Gmail Accounts

http://motherboard.vice.com/read/how-hackers-broke-into-john-podesta-and-colin-powells-gmail-accounts

Schneider Electric plugs gaping hole in industrial control kit

http://www.theregister.co.uk/2016/10/27/schneider_plugs_gaping_industrial_control_security_flaw/

Hacking 3D manufacturing systems demonstrated by researchers - Help Net Security

https://www.helpnetsecurity.com/2016/10/21/hacking-3d-manufacturing-systems/

Malicious JPEGs can compromise your iPhone - Help Net Security

https://www.helpnetsecurity.com/2016/10/27/jpegs-compromise-iphone/

How Google's Project Zero made Apple refactor its kernel

http://www.theregister.co.uk/2016/10/27/how_googles_project_zero_made_apple_refactor_its_kernel/

PayPal patches bone-headed two factor authentication bypass

http://www.theregister.co.uk/2016/10/27/paypal_2fa_flaw/

Internet of S**t things claims another scalp: DNS DDoS smashes StarHub

http://www.theregister.co.uk/2016/10/27/starhub_dns_hosed_by_starhubs_customers_infected_kit/

Three LibTIFF bugs found, only two patched • The Register

http://www.theregister.co.uk/2016/10/27/three_libtiff_bugs_found_only_two_patched/

Joomla! squashes critical privileged account creation holes • The Register

http://www.theregister.co.uk/2016/10/27/joomla_squashes_critical_privileged_account_creation_holes/

Adobe emits emergency patch for Flash hole malware is exploiting right this minute • The Register

http://www.theregister.co.uk/2016/10/26/adobe_patches_fresh_flash_zeroday/

This is not a drill: Hackers pop stock Nexus 6P in five minutes

http://www.theregister.co.uk/2016/10/26/hackers_pop_stock_nexus_6p_in_five_minutes/

Webcams recalled after the hacker attack on Twitter and Reddit

http://www.repubblica.it/tecnologia/sicurezza/2016/10/25/news/richiamate_le_telecamere_utilizzate_dagli_hacker_per_attaccare_twitter_e_reddit-150531521/

Graduate recruitment site exposed 50,000 CVs sent to Virgin Media UK

http://www.theregister.co.uk/2016/10/25/virgin_media_uk_site_exposed_50000_resumes/

Joomla! readies patch for core vulnerability so critical it isn't talking

http://www.theregister.co.uk/2016/10/25/joomla_readies_patch_for_core_vulnerability_so_critical_it_isnt_talking/

It's nearly 2017 and JPEGs, PDFs, font files can hijack your Apple Mac, iPhone, iPad

http://www.theregister.co.uk/2016/10/24/apple_security_update/

App proves Rowhammer can be exploited to root Android phones – and there's little Google can do to fully kill it

http://www.theregister.co.uk/2016/10/24/rowhammer_android/

Ageing GSM crypto cracked on commodity graphics rig • The Register

http://www.theregister.co.uk/2016/10/24/cracking_2g_gsm/

Every LTE call, text, can be intercepted, blacked out, hacker finds

http://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/

Hackers Sell $7,500 IoT Cannon To Bring Down The Web Again

http://www.forbes.com/sites/thomasbrewster/2016/10/23/massive-ddos-iot-botnet-for-hire-twitter-dyn-amazon/

Paypal 2FA Bypass

https://henryhoggard.co.uk/blog/Paypal-2FA-Bypass

Pacemaker maker St Jude faces new security flaw claims from biz short-selling its stock • The Register

http://www.theregister.co.uk/2016/10/22/st_jude_new_security_claims/

Como–D'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert • The Register

http://www.theregister.co.uk/2016/10/21/comodoh_researchers_exploit_image_recognition_bug_to_steal_certs/

Chinese hackers targeted US aircraft carrier

https://www.ft.com/content/b03bc7f0-9745-11e6-a1dc-bdf38d484582

VESK coughs up £18k in ransomware attack • The Register

http://www.theregister.co.uk/2016/09/29/vesk_coughs_up_18k_in_ransomware_attack/

And! it! begins! Yahoo! sued! over! ultra-hack! of! 500m! accounts! • The Register

http://www.theregister.co.uk/2016/09/24/yahoo_sued_hack/

College student hacked college system to change grades - E Hacker News

http://www.ehackingnews.com/2016/09/college-student-hacked-college-system.html

www.nytimes.com

http://www.nytimes.com/2016/09/29/technology/yahoo-data-breach-hacking.html?_r=1

D-Link DWR-932 B owner? Trash it, says security bug-hunter • The Register

http://www.theregister.co.uk/2016/09/29/dlink_dwr932_b_owner_trash_it_says_security_bughunter/

152k cameras in 990Gbps record-breaking dual DDoS • The Register

http://www.theregister.co.uk/2016/09/27/152463_hacked_cameras_deliver_990gbps_recordbreaking_dual_ddos/

Source code unleashed for junk-blasting Internet of Things botnet • The Register

http://www.theregister.co.uk/2016/10/03/iot_botnet/

Internet of Things comes back to bite us as hackers spread botnet code

http://www.usatoday.com/story/tech/news/2016/10/03/internet-things-brian-krebs-ddos-attack-distributed-denial-of-service/91481588/

Beware of the xic.graphics virus that arrives as a Facebook message | Computerworld

http://www.cwi.it/attenzione-al-virus-xic-graphics-arriva-messaggio-facebook_94832/

Revealed: How one Amazon Kindle scam made millions of dollars | ZDNet

http://www.zdnet.com/article/exclusive-inside-a-million-dollar-amazon-kindle-catfishing-scam/

Let's not meet up with JPEG 2000 – researchers find security hole in image codec • The Register

http://www.theregister.co.uk/2016/10/04/jpeg_2000_security_hole/

TalkTalk fined £400K for mistakes that led to 2015 hack

https://www.engadget.com/2016/10/05/talktalk-400-000-ico-hack-fine/

These diabetes pumps obey unencrypted radio commands – which is, frankly, f*%king stupid • The Register

http://www.theregister.co.uk/2016/10/05/animas_diabetes_pump_flaw/

Mac malware lies in wait for YOU to start a vid sesh... • The Register

http://www.theregister.co.uk/2016/10/06/sneaky_mac_webcam_hijack_malware/

Malware spread through Spotify ads on PC and Mac - HDblog.it

http://windows.hdblog.it/2016/10/06/spotify-malware-attacco-pc-mac/

Amazon finds cache of reused passwords: change yours now! Naked Security

https://nakedsecurity.sophos.com/2016/10/11/amazon-finds-cache-of-reused-passwords-change-yours-now/

NHS attacked by ransomware 'dozens' of times - SC Magazine UK

http://www.scmagazineuk.com/nhs-attacked-by-ransomware-dozens-of-times/article/546557/

Four vulnerabilities found in Dell SonicWALL Email Security virtual appliance application - Help Net Security

https://www.helpnetsecurity.com/2016/10/12/sonicwall-email-security-vulnerabilities/

Personal info on more than 58 million people spills onto the web from data slurp biz • The Register

http://www.theregister.co.uk/2016/10/13/us_data_aggregator_megabreach/

Outlook-on-Android alternative 'Nine' leaked Exchange Server creds • The Register

http://www.theregister.co.uk/2016/10/17/outlook_app_slapped_in_maninthemiddle_diddle/

Audit sees VeraCrypt kill critical password recovery, cipher flaws • The Register

http://www.theregister.co.uk/2016/10/18/veracrypt_audit/

Oracle puts out 253 fixes and a request to please apply patches NOW! Naked Security

https://nakedsecurity.sophos.com/2016/10/19/oracle-puts-out-253-fixes-and-a-request-to-please-apply-patches-now/

33 million CLEARTEXT creds for Russian IM site dumped by chap behind Last.FM mess • The Register

http://www.theregister.co.uk/2016/09/12/qipru_breach/

Peccant pwners post 670,000 Pokémon punter MD5 passwords • The Register

http://www.theregister.co.uk/2016/09/12/peccant_pwners_post_670000_pokemon_punter_md5_passwords/

Queensland TAFE suffers security breach, student data accessed | Delimiter

https://delimiter.com.au/2015/11/13/queensland-tafe-suffers-security-breach-student-data-accessed/

Logins for US Navy, NASA's JPL among US gov logins sold on deepweb • The Register

http://www.theregister.co.uk/2016/09/14/nasas_jpl_navy_part_of_thousands_of_us_gov_logins_sold_on_deepweb/

IP telephony biz VoIPtalk quietly admits to possible data breach • The Register

http://www.theregister.co.uk/2016/09/13/voiptalk_suspected_breach/

Researcher reports XSS hole in Google France • The Register

http://www.theregister.co.uk/2016/09/14/google_france_xss/

Cisco drops patch for nasty WebEx remote code execution hole • The Register

http://www.theregister.co.uk/2016/09/16/cisco_webex_patch/

FBI investigating City Hall 'ransomware' attack - News - Sarasota Herald-Tribune - Sarasota, FL

http://www.heraldtribune.com/news/20160824/fbi-investigating-city-hall-ransomware-attack

Medical device cyber attacks on rise - E Hacker News

http://www.ehackingnews.com/2016/09/medical-device-cyber-attacks-on-rise.html

Going, going, done: Trio of prolific auction fraud fraudsters jailed • The Register

http://www.theregister.co.uk/2016/09/20/auction_fraud_trio_jailed/

Mobile review website MoDaCo coughs to data breach • The Register

http://www.theregister.co.uk/2016/09/20/modaco_breach/

Police: Student hacks into Kennesaw State's system changes grades steals personal data - Story | WAGA

http://www.fox5atlanta.com/news/206545219-story

Maker of smart vibrator sued for snooping on customers use Naked Security

https://nakedsecurity.sophos.com/2016/09/20/maker-of-smart-vibrator-sued-for-snooping-on-customers-use/

Security Advisories Relating to Symantec Products - Symantec Decomposer Engine Security Update - 2016-09-19T02:37:38 PDT| Symantec

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160919_00

BT's Wi-Fi Extender works great – at extending your password to hackers • The Register

http://www.theregister.co.uk/2016/09/21/bt_wifi_booster_fix/

Greybeards beware: Hair dye for blokes outfit Just For Men served trojan • The Register

http://www.theregister.co.uk/2016/09/21/just_for_men_serves_passwordstealing_trojan/

Victoria Police warn of malware-laden USB sticks in letterboxes • The Register

http://www.theregister.co.uk/2016/09/21/letterbox_usb_police_warning/

Pramworld admits mailing list breach • The Register

http://www.theregister.co.uk/2016/09/16/pramworld_breach/

Which voting machines can be hacked through the Internet?

https://freedom-to-tinker.com/2016/09/20/which-voting-machines-can-be-hacked-through-the-internet/

Mozilla wants woeful WoSign certs off the list • The Register

http://www.theregister.co.uk/2016/09/27/mozilla_wants_woeful_wosign_certs_off_the_list/

Patch AGAIN: OpenSSL security fixes now need their own security fixes

http://www.theregister.co.uk/2016/09/26/openssl_patches_last_weeks_patch/

4.5 million web servers have private keys that are publicly known! Naked Security

https://nakedsecurity.sophos.com/2016/09/12/4-5-million-web-servers-have-private-keys-that-are-publicly-known/

Microsoft Patches Zero Day Flaw Used In Two Massive Malvertising Campaigns

http://www.darkreading.com/attacks-breaches/microsoft-patches-zero-day-flaw-used-in-two-massive-malvertising-campaigns/d/d-id/1326908?_mc=sm_dr&hootPostID=24b950465f4f7252b2558e544825d7ab

Indonesian arrested for playing porn on public billboard - E Hacker News

http://www.ehackingnews.com/2016/10/indonesian-arrested-for-playing-porn-on.html?m=1

Hacked Republican website skimmed donor credit cards for 6 months

http://arstechnica.com/security/2016/10/hacked-republican-website-skimmed-donor-credit-cards-for-6-months/

Netflix reminds password re-users to run a reset

http://www.theregister.co.uk/2016/10/16/netflix_reminding_password_reusers_to_run_a_reset/

Cybercrime: Rome among the cities with the most 'zombie computers'

http://www.repubblica.it/tecnologia/sicurezza/2016/10/08/news/cybercrime_roma_tra_le_citta_con_piu_computer_zombie_-149349372/

Flaw in Intel chips could make malware attacks more potent

http://arstechnica.com/security/2016/10/flaw-in-intel-chips-could-make-malware-attacks-more-potent/

Researcher says Adult Friend Finder vulnerable to file inclusion vulnerabilities

http://www.csoonline.com/article/3132533/security/researcher-says-adult-friend-finder-vulnerable-to-file-inclusion-vulnerabilities.html

Crims cram credit card details into product shots on e-shops

http://www.theregister.co.uk/2016/10/19/crims_cram_credit_cards_into_retail_product_pics_to_mock_popped_eshops/

Akamai finds longtime security flaw on 2 million Internet of Things devices | WIRED

https://www.wired.com/2016/10/akamai-finds-longtime-security-flaw-2-million-devices/

GlobalSign screw-up cancels top websites' HTTPS certificates

http://www.theregister.co.uk/2016/10/13/globalsigned_off/

Hackers pop 6000 sites on active 18-month carding bonanza

http://www.theregister.co.uk/2016/10/13/hackers_pop_6000_sites_on_active_18month_carding_bonanza/

Telnet, SSH prod of death smashes Cisco broadband boxes offline

http://www.theregister.co.uk/2016/10/12/cisco_security_updates/

Data Breaches In Healthcare Totaled Over 112 Million Records In 2015

http://www.forbes.com/sites/danmunro/2015/12/31/data-breaches-in-healthcare-total-over-112-million-records-in-2015/

Isolated computers hacked by USB drive

http://www.ehackingnews.com/2016/10/isolated-computers-hacked-by-usb-drive.html

Second hacking group targets SWIFT-connected banks

http://www.theregister.co.uk/2016/10/11/swift_bank_hacking_reloaded/

Hungarian bug-hunters spot 130,000 vulnerable Avtech vid systems on Shodan

http://www.theregister.co.uk/2016/10/12/hungarian_bughunters_spot_130000_vulnerable_avtech_vid_systems_on_shodan/

Germany's Gundremmingen Power Plant Hit By Computer Viruses

http://www.ehackingnews.com/2016/10/germanys-gundremmingen-power-plant-hit.html

Hacker Steals 58 Million User Records from Data Storage Provider

http://news.softpedia.com/news/hacker-steals-58-million-user-records-from-data-storage-provider-509190.shtml?utm_content=buffer9f190&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

IAEA chief: Nuclear power plant was disrupted by cyber attack

http://in.reuters.com/article/nuclear-cyber-idINKCN12A1P1

Rogue proxies hijack HTTPS traffic - E Hacker News

http://www.ehackingnews.com/2016/10/rogue-proxies-hijack-https-traffic.html?m=1

Is this the real life? Is this just fantasy? Spotify serving malware, no escape from reality • The Register

http://www.theregister.co.uk/2016/10/06/spotify_malware_free_music_service/

"Don't open the link in chats": the virus spreads fear on Facebook

http://www.repubblica.it/tecnologia/sicurezza/2016/10/04/news/_non_aprite_il_link_delle_chat_il_virus_fa_paura_su_facebook-149103190/