Browsing author
With the rise of inexpensive Virtual Servers and popular services that install insecurely by default, coupled with some juicy vulnerabilities, like CVE-2015-5377 andCVE-2015-1427, this year will be an interesting one for Elasticsearch. Elasticsearch provides plenty of targets for people to exploit and create server-based botnets but in fairness it is not only Elasticsearch that suffers […]
Google got accidentally DDoSed by an unnamed European network carrier, sending its cloud service offline on the old continent for about an hour. The incident occurred last Monday, but it is only now that Google has decided to explain exactly what happened. According to a Google blog post, the accidental denial of service happened in […]
The Chinese Government says it has arrested the hackers responsible for breaching the Office of Personnel Management database (OPM). The Chinese government has arrested hackers accused of breaking into the Office of Personnel Management databases, According to The Washington Post, the Chinese government has arrested the hacking crew that breached the Office of Personnel Management (OPM). “The Chinese […]
This report is the continuation of “#root via SMS”, a research made by the SCADA Strangelove team in 2014. It was devoted to telecommunications equipment vulnerabilities with modem flaws only partially covered. This document describes vulnerabilities found and exploited in eight popular 3G and 4G modems available in Russia and worldwide. The findings include Remote […]
The UK’s digital spy agency, GCHQ, has admitted for the first time in court that it hacks computers, smartphones, and networks in the UK and abroad. GCHQ’s use of hacking — known in official parlance as computer network exploitation or CNE — has been an open secret since the Snowden revelations in 2013, but a legal […]
Twice in the past year, security researchers have found and reported critical vulnerabilities in Modbus gateways built by Advantech that are used to connect serial devices in industrial control environments to IP networks. Most recently, independent security researcher Neil Smith found hard-coded SSH keys in the Advantech EKI series of devices, while a year ago […]
It is easy to hack a domain and set up scams for visitors but using a government email address to run a phishing campaign is a bit odd. Recently, I received an email which of course went straight to spam. I wouldn’t care if it was a random email but, in fact, it was from a state […]
New day, new phishing attack! This time, it’s the Apple id which has been used by the attackers to steal from the innocent users. A phishing email has been discovered alerting Apple users that their Apple ID would be suspended if they do not complete a verification within time. The email further states that the […]
A hacking group (Armada Collective) which was previously held responsible for launching DDoS attacks on ProtonMail is back and this time targeting Greek banks and using the old DDoS-for-Bitcoin extortion scheme. In the ProtonMail case, the company paid ransom to the group but Greek banks contacted law enforcement authorities instead. The attacks started on 26th […]
Thailand police servers are the latest in the online breaches — This breach is a part of the campaign (#OpSingleGateway) launched by Anonymous against the Thai government. The server breach allowed Anonymous to leak private information regarding Thai officers and some evidence records. #OpSingleGateway is a campaign launched by Anonymous activists to protest and attract the […]
Microsoft has started to offer potentially unwanted application (PUA) protection in its anti-malware products for enterprise firms. The news means that businesses will finally have an easy way of removing adware, browser hijackers and any other piece of software that deploys programs without the user’s knowledge or consent. The PUA protection is now available as […]
Attackers can bypass authentication and access patient data. CERT/CC sounded the alarm on users of the Cardio Server ECG Management System, a broad-scope healthcare data management system used in many medical units, from small clinics to large city hospitals. The Epiphany Cardio Server is a self-hosted Web application that provides a centralized data management system for […]
Short Bytes: Facing problems with your broadband connection is a common headache that most people struggle with. The UK telecom regulator Ofcom has released a powerful app that tests your WiFi and gives you suggestions to improve your internet connection. The UK telecom watchdog Ofcom has launched a mobile app to find problems with your […]
Short Bytes: Anonymous is planning to ‘celebrate’ December 11 as an ‘anti-ISIS day of rage’. The hacktivist collective is planning to fill the feed of ISIS Twitter accounts with photos of dead ISIS terrorists and goats. The hacktivist collective Anonymous has revealed its new technique to mock ISIS on the social media. In the past, […]
China is being blamed for a major cyber attack on the computers at the Bureau of Meteorology, which has compromised sensitive systems across the Federal Government. Multiple official sources have confirmed the recent attack, and the ABC has been told it will cost millions of dollars to plug the security breach, as other agencies have […]
Apparently tech support scams never get old. But they have gotten more aggressive, according to a Symantec blog post penned by researcher Deepak Singh. “We’ve recently seen many instances where attackers serve tech support scams and the Nuclear exploit kit almost simultaneously,” Singh wrote. “We found that the scam’s web pages include an iframe redirecting users […]
Hackers have targeted three Greek banks for a third time in five days, demanding a ransom from each lender of 20,000 bitcoin (€7m), according to Greek police and the country’s central bank. A group calling itself the Armada Collective demanded the bitcoin ransom after staging its first attacks last Thursday, and then threatened a full […]
ig brands are asked to pay royalties for usage of HTTPS A Texas company filed over 60 lawsuits against big brands that utilize HTTPS on their Web servers, arguing it that deserves monetary compensations for one of the technologies used to encrypt Web traffic. The company, named CryptoPeak Solutions, can easily be categorized as a […]
Yesterday HackRead reported how Anonymous breached into the official website of the United Nations Framework Convention on Climate Change (UNFCCC) and leaked a trove of personal information of about 1415 officials. We also reported that Anonymous is gearing up for a second leak related to the ongoing Cop21 conference. As promised, Anonymous has now breached […]
A group from Brazil has started an unusual campaign against the people who make racist comments on the Internet. What they do is they pick up comments from the virtual (online) world to the real world where they post those comments on the billboards near the place where online commenters live. The group is known […]
Blackberry is all set to shut down its operations in Pakistan. The statement came from the company after continuing request from the government to install a backdoor in the enterprise devices. Blackberry earlier this year received a ban from PTA (Pakistani Telecommunications Authority) when the company refused to install backdoors in their devices. The ban […]