Post

Showing posts from January, 2017

WTF is your problem, Netgear? Another hijack hole found in its routers • The Register

https://www.theregister.co.uk/2017/01/31/major_security_hole_in_netgear_routers/

Majority of Android VPNs can’t be trusted to make users more secure

https://arstechnica.com/security/2017/01/majority-of-android-vpns-cant-be-trusted-to-make-users-more-secure/

OpenSSL pushes trio of DoS-busting patches • The Register

https://www.theregister.co.uk/2017/01/31/openssl_patches/

VMware's enterprise mobility management tool can p0wn itself • The Register

https://www.theregister.co.uk/2017/01/31/vmwares_enterprise_mobility_management_tool_can_p0wn_itself/

We don't want to alarm you, but PostScript makes your printer an attack vector • The Register

https://www.theregister.co.uk/2017/01/31/postscript_bug/

WordPress slips out three quick patches • The Register

https://www.theregister.co.uk/2017/01/29/wordpress_drops_end_of_jan_quick_patch_run/

Big Blue's BigInsights has big-ish bugs • The Register

https://www.theregister.co.uk/2017/01/30/big_blue_bogs_admin_owning_big_data_bugs/

Cisco TelePresence control software had remote-exploitable bug • The Register

https://www.theregister.co.uk/2017/01/29/cisco_telepresence_control_software_had_remoteexploitable_bug/

Marketing company leaks 17,000 recorded phone calls, many with credit card numbers • The Register

https://www.theregister.co.uk/2017/01/30/firm_that_leaked_13m_records_laughs_at_firm_that_leaked_400k_records/

More mobe malware creeps into Google Play – this time, ransomware • The Register

https://www.theregister.co.uk/2017/01/26/ransomware_infiltrates_google_mobe_market/

Uber pays hacker US$9,000 for partner firm's bug • The Register

https://www.theregister.co.uk/2017/01/27/uber_bug_bounty/

Bookish hacker finds holes in Amazon, Apple, Google epub services • The Register

https://www.theregister.co.uk/2017/01/27/bookish_hacker_finds_holes_in_amazon_apple_google_epub_services/

How one man could have deleted any public Facebook video

https://nakedsecurity.sophos.com/2017/01/26/how-one-man-could-have-deleted-any-public-facebook-video/

Disk-nuking malware takes out Saudi Arabian gear. Yeah, wipe that smirk off your face, Iran • The Register

https://www.theregister.co.uk/2017/01/26/shamoon_2_hits_saudi_arabian_targets/

Watch what you copy (and paste) into the Linux console | Mia mamma usa Linux!

https://www.miamammausalinux.org/2017/01/occhio-a-quel-che-copiate-e-incollate-nella-console-linux/

Hackers Tear Apart Trend Micro, Find 200 Vulnerabilities In Just 6 Months

http://www.forbes.com/sites/thomasbrewster/2017/01/25/trend-micro-security-exposed-200-flaws-hacked/

Western Digital fixes remote execution bug in My Cloud Mirror • The Register

https://www.theregister.co.uk/2017/01/25/western_digital_fixes_remote_execution_bug_in_my_cloud_mirror/

Cisco's WebEx Chrome plugin will execute evil code, install malware via secret 'magic URL' • The Register

https://www.theregister.co.uk/2017/01/23/webex_hid_url_for_remote_command_execution/

Microsoft fixes remote desktop app Mac hole • The Register

https://www.theregister.co.uk/2017/01/24/microsoft_fixes_remote_desktop_app_mac_hack/

Kid hackers break XSS defences, find hack hole in 2 million websites • The Register

https://www.theregister.co.uk/2017/01/24/kid_hackers_break_xss_defences_find_hack_hole_in_2_million_websites/

What links macOS, iOS, Safari, tvOS, watchOS? They all need patching • The Register

https://www.theregister.co.uk/2017/01/23/apple_fresh_crop_security_fixes/

It's 2017 and 200,000 services still have unpatched Heartbleeds

https://www.theregister.co.uk/2017/01/23/heartbleed_2017/

Lloyds Bank outage: DDoS is prime suspect

https://www.theregister.co.uk/2017/01/23/lloyds_outage/

BadUSB – now with Do-It-Yourself instructions

https://nakedsecurity.sophos.com/2014/10/06/badusb-now-with-do-it-yourself-instructions/

Stealing passwords from McDonald's users - Tijme Gommers

https://finnwea.com/blog/stealing-passwords-from-mcdonalds-users

General Electrics plays down industrial control plant vulnerabilities • The Register

https://www.theregister.co.uk/2017/01/20/ge_scada_vulns/

Trump's 'cyber tsar' Giuliani among creds leaked in mass hacks • The Register

https://www.theregister.co.uk/2017/01/20/trump_cab_creds_haveibeenpwned/

Cybercrime and fraud scale revealed in annual figures

http://www.crime-research.org/news/01.19.2017/4020/

Who is Anna-Senpai, the Mirai Worm Author? — Krebs on Security

https://krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm-author/

Ooooh, that's NASty. Security-watchers warn over man-in-the-middle risk • The Register

https://www.theregister.co.uk/2017/01/18/qnap_nas_vuln/

Adobe's naughty Chrome telemetry code had XSS problem • The Register

https://www.theregister.co.uk/2017/01/19/adobe_telemetry_patch_patched_against_xss/

SOHOpeless routers offer hard-coded credentials and command injection bugs • The Register

https://www.theregister.co.uk/2017/01/18/zyxel_billion_ignore_hardcoded_credentials_and_command_injection_bugs/

Ransomware scum infect cancer non-profit • The Register

https://www.theregister.co.uk/2017/01/18/ransomware_scum_infect_cancer_nonprofit/

Hacker cracks Facebook with remote code execution bug • The Register

https://www.theregister.co.uk/2017/01/18/facebook_imagemagick/

Promising compsci student sold key-logger, pleads guilty, faces jail

http://www.theregister.co.uk/2017/01/14/students_keylogger_guilty/

UK's largest hospital trust battles Friday 13th malware outbreak • The Register

http://www.theregister.co.uk/2017/01/13/barts_nhs_hospital_malware/

ISC squishes BIND packet-of-death bugs

http://www.theregister.co.uk/2017/01/13/isc_fixes_bind_denialofservice_vuls/

Ansible patches 'own the farm' vulnerability • The Register

http://www.theregister.co.uk/2017/01/11/ansible_patches_own_the_farm_vulnerability/

What do you call a firm that leaves customer financials unencrypted on a hard drive? RSA • The Register

http://www.theregister.co.uk/2017/01/10/rsa_fined_150k_over_stolen_hard_drive_containing_customer_details/

Insurer hit with fine after unencrypted NAS stolen | Naked Security

https://nakedsecurity.sophos.com/2017/01/12/insurer-hit-with-fine-after-unencrypted-nas-stolen/

Cyber-espionage, the top police officer removed over his silence: "I underestimated the risks"

http://www.repubblica.it/cronaca/2017/01/12/news/cyberspionaggio_di_legami-155860222/

It's now 2017, and your Windows PC can still be pwned by a Word file • The Register

http://www.theregister.co.uk/2017/01/10/windows_patch_tuesday/

Autocomplete a novel phishing hole for Chrome, Safari crims

http://www.theregister.co.uk/2017/01/10/autocomplete_a_novel_phishing_hole_for_chrome_safari_crims/

Bank leaks 60000 account details in three character email slip-up | Naked Security

https://nakedsecurity.sophos.com/2017/01/09/bank-leaks-60000-account-details-in-three-character-email-slip-up/

Two years on, thousands of unpatched Magento shops still being carded • The Register

http://www.theregister.co.uk/2017/01/10/unpatched_magento_shops_still_being_carded/

Cyber-espionage against Renzi, Draghi and Monti: two arrests by police in Rome

http://www.repubblica.it/cronaca/2017/01/10/news/cyberspionaggio_polizia_arresti-155733437/

UPDATE: Valleys pays ransom with Cyber Insurance Soloman Smith - The Valley Star

http://thevalleystar.com/valleys-pays-ransom-with-cyber-insurance/

MongoDB ransom attacks soar, body count hits 27,000 in hours • The Register

http://www.theregister.co.uk/2017/01/09/mongodb/

Website of Military of Venezuela hacked

http://www.ehackingnews.com/2017/01/website-of-military-of-venezuela-hacked.html

VNC server library gets security fix • The Register

http://www.theregister.co.uk/2017/01/09/vnc_server_library_gets_security_fix/

Ransomware scum: 'I believe I'm a good fit. See attachments' • The Register

http://www.theregister.co.uk/2017/01/05/ransomware_scum_i_believe_im_a_good_fit_see_attachments/

Hacker claims FBI CMS zero day hack, dumps 155 purported logins • The Register

http://www.theregister.co.uk/2017/01/05/hacker_claims_fbi_cms_zero_day_hack_dumps_155_purported_logins/

Hackers could explode horribly insecure smart meters, pwn home IoT • The Register

http://www.theregister.co.uk/2017/01/04/smart_metres_ccc/

Kaspersky fixing serious certificate slip • The Register

http://www.theregister.co.uk/2017/01/04/kaspersky_fixing_serious_certificate_slip/

Programmer finds way to liberate ransomware'd Google Smart TVs • The Register

http://www.theregister.co.uk/2017/01/03/programmer_finds_way_to_liberate_ransomwared_google_smart_tvs/

Android tops 2016 vuln list, with 523 bugs • The Register

http://www.theregister.co.uk/2017/01/03/android_tops_2016_vuln_list_with_523_bugs/