Post

Visualizzazione dei post da dicembre, 2017

Braking news: Nissan Canada hacked, up to 1.1m Canucks exposed • The Register

https://www.theregister.co.uk/2017/12/22/nissan_canada_hacked/

WordPress captcha plugin on 300,000 sites had a sneaky backdoor • The Register

https://www.theregister.co.uk/2017/12/20/backdoor_wordpress_captcha/

T-Mobile Alerted ‘A Few Hundred Customers’ Targeted By Hackers

https://motherboard.vice.com/en_us/article/a37epb/t-mobile-alert-victims-sim-card-hack

Maritime comms flaws exposed: It's OK cuz we canned it, says vendor

https://www.theregister.co.uk/2017/10/26/inmarsat_maritime_sat_comms_security/

Bluetooth vulnerability - BLEAH

https://www.evilsocket.net/2017/09/23/This-is-not-a-post-about-BLE-introducing-BLEAH/index.html

Università: studentessa a processo per i voti truccati

http://www.trentotoday.it/cronaca/voti-truccati-studentessa-universita-trennto.html

How A Coffee Machine Infected Factory Computers with Ransomware

https://www.hackread.com/how-a-coffee-machine-infected-factory-computers-with-ransomware/

Android Bug Lets Attackers Record Audio & Screen Activity on 3 of 4 Smartphones

https://www.bleepingcomputer.com/news/security/android-bug-lets-attackers-record-audio-and-screen-activity-on-3-of-4-smartphones/

Boeing 757 Testing Shows Airplanes Vulnerable to Hacking, DHS Says

http://www.aviationtoday.com/2017/11/08/boeing-757-testing-shows-airplanes-vulnerable-hacking-dhs-says/

Motherboard Hacking Livestream: Hacking Routers And Monitoring Traffic

https://www.youtube.com/watch?v=MfeC30eZKI8

McAfee's own anti-hacking service exposed users to banking malware

http://www.zdnet.com/article/mcafees-own-anti-hacking-service-exposed-users-to-banking-malware/

Fake news ‘as a service’ booming among cybercrooks

https://www.theregister.co.uk/2017/11/17/fake_news_as_a_service/

Drone maker DJI left its private SSL, firmware keys open to world+dog on GitHub FOR YEARS

https://www.theregister.co.uk/2017/11/16/dji_private_keys_left_github/

ID card security: Spain is facing chaos over chip crypto flaws

http://www.zdnet.com/article/id-card-security-spain-is-facing-chaos-over-chip-crypto-flaws/

Hacker Breaches Sacramento Public Transportation System, Asks for 1 BTC Ransom

https://www.bleepingcomputer.com/news/security/hacker-breaches-sacramento-public-transportation-system-asks-for-1-btc-ransom/

Kerberos vulnerability -Orpheus' Lyre

https://www.orpheus-lyre.info/

More than a Million Pro-Repeal Net Neutrality Comments were Likely Faked

https://hackernoon.com/more-than-a-million-pro-repeal-net-neutrality-comments-were-likely-faked-e9f0e3ed36a6

Imgur confirms email addresses, passwords stolen in 2014 hack

http://www.zdnet.com/article/imgur-reveals-hackers-stole-login-data/

Shipping giant refuses to pay hackers ransom after data stolen

https://www.welivesecurity.com/2017/11/30/shipping-giant-hackers-ransom-data/

Thousands of Serial-To-Ethernet Devices Leak Telnet Passwords

https://www.bleepingcomputer.com/news/security/thousands-of-serial-to-ethernet-devices-leak-telnet-passwords/

Russian hacker group stole 40 million rubles from the Automobile Carriers

http://www.ehackingnews.com/2017/12/russian-hacker-group-stole-40-million.html

Halloware Ransomware on Sale on the Dark Web for Only $40

https://www.bleepingcomputer.com/news/security/halloware-ransomware-on-sale-on-the-dark-web-for-only-40/

App Android promette di aggiornare il tuo telefono 3, ma è uno spyware che ti ruba i dati

http://www.repubblica.it/tecnologia/sicurezza/2017/12/04/news/app_android_promette_di_aggiornare_il_tuo_telefono_3_ma_e_uno_spyware_che_ti_ruba_i_dati-183007905/

Keybase Bug Might Have Backed up Your Private Encryption Key on Google's Servers

https://www.bleepingcomputer.com/news/security/keybase-bug-might-have-backed-up-your-private-encryption-key-on-googles-servers/

Andromeda botnet taken down, Belarusian involved arrested

http://www.ehackingnews.com/2017/12/andromeda-botnet-taken-down-belarusian.html

Ethiopia Allegedly Spied on Security Researcher With Israel-Made Spyware

https://motherboard.vice.com/en_us/article/j5d8ng/ethiopia-allegedly-spied-on-security-researcher-with-israel-made-spyware

Virtual Keyboard Developer Leaked 31 Million of Client Records

https://mackeepersecurity.com/post/virtual-keyboard-developer-leaked-31-million-of-client-records

Mecklenburg government paralyzed as hacked computer files are held for ransom

http://www.charlotteobserver.com/news/local/article188227084.html

100,000-strong botnet built on router 0-day could strike at any time

https://arstechnica.com/information-technology/2017/12/100000-strong-botnet-built-on-router-0-day-could-strike-at-any-time/

International team takes down virus-spewing Andromeda botnet

https://www.theregister.co.uk/2017/12/05/international_team_takes_down_virusspewing_andromeda_botnet/

74% of All Bitcoin-Related Sites Suffered a DDoS Attack

https://www.bleepingcomputer.com/news/security/74-percent-of-all-bitcoin-related-sites-suffered-a-ddos-attack/

Banking Apps Found Vulnerable to MITM Attacks

https://threatpost.com/banking-apps-found-vulnerable-to-mitm-attacks/129105/

Largest Crypto-Mining Exchange Hacked; Over $70 Million in Bitcoin Stolen

https://thehackernews.com/2017/12/bitcoin-mining-hacked.html

Leftover Synaptics debugger puts a keylogger on laptops

https://www.theregister.co.uk/2017/12/11/hp_synaptics_keylogger/

Australian airport hack was “a near miss” says government’s cybersecurity expert

https://hotforsecurity.bitdefender.com/blog/australian-airport-hack-was-a-near-miss-says-governments-cybersecurity-expert-19326.html

New Ruski hacker clan exposed: They're called MoneyTaker, and they're gonna take your money

https://www.theregister.co.uk/2017/12/11/russian_bank_hackers_moneytaker/

Google's Project Zero reveals Apple jailbreak exploit

https://www.theregister.co.uk/2017/12/12/apple_jailbreak_exploit/

1.4 Billion Clear Text Credentials Discovered in a Single Database

https://medium.com/4iqdelvedeep/1-4-billion-clear-text-credentials-discovered-in-a-single-database-3131d0a1ae14

Archive of 1.4 BEEELION credentials in clear text found in dark web archive

https://www.theregister.co.uk/2017/12/12/archive_of_14_beeelion_credentials_in_clear_text_found_in_dark_web_archive/

Someone hacked this traffic sign with anti-Trump messages

https://www.hackread.com/someone-hacked-traffic-sign-anti-trump-message/

Satori botnet rears its head, exploiting IoT vulnerabilities

https://www.bitdefender.com/box/blog/iot-news/satori-botnet-rears-head-exploiting-iot-vulnerabilities/

Up to 'ONE BEEELLION' vid-stream gawpers toil in crypto-coin mines

https://www.theregister.co.uk/2017/12/13/adguard_video_streaming_mining/

Unprecedented Malware Targets Industrial Safety Systems in the Middle East

https://www.wired.com/story/triton-malware-targets-industrial-safety-systems-in-the-middle-east/

VPN credentials disclosure in Fortinet FortiClient

https://www.sec-consult.com/en/blog/advisories/vpn-credentials-disclosure-in-fortinet-forticlient/index.html

Starbucks Wi-Fi hijacked customers’ laptops to mine cryptocurrency

https://nakedsecurity.sophos.com/2017/12/14/starbucks-wi-fi-hijacked-customers-laptops-to-mine-cryptocurrency/

Triton: hackers take out safety systems in 'watershed' attack on energy plant

https://www.theguardian.com/technology/2017/dec/15/triton-hackers-malware-attack-safety-systems-energy-plant

New PRILEX ATM Malware used in targeted attacks against a Brazilian bank

https://securityaffairs.co/wordpress/66819/malware/prilex-atm-malware.html

Hackers shut down plant by targeting its safety system

https://www.engadget.com/2017/12/17/hackers-shut-down-plant-by-targeting-safety-system/

Bitcoin exchange shuts down after being hacked twice in one year

https://hotforsecurity.bitdefender.com/blog/bitcoin-exchange-shuts-down-after-being-hacked-twice-in-one-year-19350.html

Windows 10 bundles a briefly-vulnerable password manager • The Register

https://www.theregister.co.uk/2017/12/18/windows_10_bundles_vuln/

Brrr! It's a snow day and someone has pwned the chuffin' school heating • The Register

https://www.theregister.co.uk/2017/12/12/building_heating_systems_still_hackable/

Dynamics 365 sandbox leaked TLS certificates • The Register

https://www.theregister.co.uk/2017/12/11/dynamics_365_sandbox_leaked_tls_certificates/

Android flaw lets attack code slip into signed apps • The Register

https://www.theregister.co.uk/2017/12/08/android_flaw_lets_attack_code_slip_into_signed_apps/

UK.gov law resources now untrustworthy, according to browsers • The Register

https://www.theregister.co.uk/2017/12/08/moj_website_ssl_certificate_expires/

Next-gen telco protocol Diameter has last-gen security – researchers • The Register

https://www.theregister.co.uk/2017/12/08/diameter_protocol_security_shortcomings/

RSA coughs to critical-rated bug in its authentication SDK

https://www.theregister.co.uk/2017/12/03/rsa_auhentication_bugs/

PayPal paid $US233m for company that leaked 1.6 million records

https://www.theregister.co.uk/2017/12/04/paypal_tio_data_breach/