venerdì, marzo 31, 2017

Point-and-pwn tool for posers dumbs down ransomware spreading

The Clever ‘DoubleAgent’ Attack Turns Antivirus Into Malware

WONTFIX: No patch for Windows Server 2003 IIS critical bug – Microsoft

Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005

Potent LastPass exploit underscores the dark side of password managers

Hackers suben pornografía infantil al ordenador del presidente checo

Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow

Attackers Leverage Excel, PowerShell and DNS in Latest Non-Malware Attack

Cisco WebEx Browser Extension Remote Code Execution Vulnerability

Microsoft Outlook, Skype, OneDrive hit by another authentication issue

Moodle – Remote Code Execution

Researchers found two Safari Zero Day Exploits at Pwn2Own

Long-Secret Stingray Manuals Detail How Police Can Spy on Phones

A simple command allows the CIA to commandeer 318 models of Cisco switches

Ransomware scammers exploited Safari bug to extort porn-viewing iOS users

mercoledì, marzo 29, 2017

Recruiters considered really harmful: Devs on GitHub hit with booby-trapped fake job emails • The Register

Exclusive: A criminal group using SSH TCP direct forward attack is also targeting Italian infrastructure

Vulnerability found in Service module of Drupal

An insecure mess: How flawed JavaScript is turning web into a hacker's playground

Dahua, Hikvision IoT Devices Under Siege

Preinstalled Malware Targeting Mobile Users

How I found a $5,000 Google Maps XSS (by fiddling with Protobuf)

Critical vulnerability under “massive” attack imperils high-impact sites [Updated]

Detenido en Tenerife un 'hacker' por robar información fiscal de familiares del Rey Juan Carlos

Content-Type: Malicious - New Apache 0-day Under Attack

Security Vulnerability in McDonald's India allows hackers to access Customer data

Everyone Is Falling For This Frighteningly Effective Gmail Scam

Google Points to Another POS Vendor Breach

Millions of records leaked from huge US corporate database

Twitter Accounts Hacked with Swastikas Through Third Party App 'Twitter Counter'

In-the-wild exploits ramp up against high-impact sites using Apache Struts

Detecting and eliminating Chamois, a fraud botnet on Android

Nintendo Switch’s secret browser has a flaw that could lead to a jailbreak

Slack bug granted hackers full access to your account and messages

Hacking Unicorns with Web Bluetooth

Hackers who took control of PC microphones siphon >600 GB from 70 targets

Hackers could easily bypass SBI's OTP security

A Chip Flaw Strips Away Hacking Protections for Millions of Devices

63 Universities and US Government agencies breached by hacker

Ransomware scammers exploited Safari bug to extort porn-viewing iOS users

Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in http server

Payments Giant Verifone Investigating Breach

Cybercrime, l'allarme di Bankitalia: un'impresa su tre sotto attacco

UK’s largest hospital chain hit by previously unseen malware

Singapore’s Defence Ministry hit by 1st cyber attack

Bitcoin hotel hack victim speaks out