Router manufacturers such as Netgear and ZyXEL have failed to address seven security flaws reported by security researchers in the last three or more months. Following unofficial industry standards, the security teams who found these flaws published their findings, so users can take precautionary measures, and decide if they still want to keep using the […]
There is a fresh ransomware campaign circulating on the web that is spreading Cerber ransomware. This campaign is quite dangerous because it has the tendency of infecting a large number of systems. Andra Zaharia, a member Heimdal Security research team states that this ransomware campaign affects not just individual internet users but also enterprises. The research […]
The vibrators that have the ability to connect to the internet have come under the hammer for gathering private data of customers. The manufacturer of these Smart Toys aims to settle a class-action privacy lawsuit, which was recently filed by a complainer in an Illinois federal court, by agreeing to the terms of the plaintiff’s […]
In 2016, there have been a rise in distributed denial-of-service (DDoS) attacks against Internet giants as well as small business. The attack on Dyn DNS that forced Twitter, PayPal, NYT and others to go offline is one good example, thanks to unprotected Internet of Things (IoT) devices and botnets like Mirai and Bashlite. To tackle these growing threats companies are looking for a permanent […]
Microsoft Edge was pwned twice while VMware WorkStation 12.5.1. was also compromised — In return, the hackers received a large amount of money. At the Power of Community security conference that is being held in Seoul, Thursday was the day the security community was waiting for as it was the PwnFest 2-16 event day. At then […]
Short Bytes: Do you know about Microsoft’s 10 Immutable Laws Of Security? These laws might be a few years old, but they act as a solid guide on security principles. These laws cover various aspects like the importance of security, the safety of encryption keys, and update antimalware scanner. More than a decade ago, Microsoft revealed […]
A mobile banking trojan called Trojan-Banker.AndroidOS.Gugi.c, or “Gugi” for short, found no problem bypassing a couple of the security measures introduced in Android 6. The name of the game is social engineering when it comes to a Gugi infection. According to Kaspersky Lab’s senior malware analyst Roman Unuchek, the trojan first infects a device by […]
Short Bytes: The public sector has played a major role in popularizing the open source software. By realizing the cost benefits and transparency, countries from all around the world are making new laws. NetworkWorld has clubbed together this information in the form of an interactive map. The map shows that Europe, East Asia, and South America […]
During the last weeks we’ve been investigating multiple aspects of GSM security such as protocol vulnerabilities as well as source auditing the world’s most common open source software products that run GSM networks. In this post we’ll share the details about multiple vulnerabilities in such software which allow an attacker to compromise a BTS station, […]
Rafay Baloch is a Pakistani ethical hacker who is known and respected worldwide — This time, he reported an Address Bar Spoofing Vulnerability in Chrome and FireFox and earned $5000 in return! Rafay Baloch, a Pakistani security researcher and ethical hacker discovered a critical security flaw in Chrome and FireFox browsers that would let an attacker […]
An IT security firm CheckPoint has discovered a set of critical security flaws in several Android devices affecting 900 million users worldwide. Dubbed QuadRooter by the research team, these security flaws can provide an attacker full access to any smartphone that is built using Qualcomm chipsets. Currently, Qualcomm processors are being used in 900 million Android devices. Qualcomm is the world’s […]
Venmo has patched multiple flaws that could have allowed an attacker to steal as much as $2,999.99 from unsuspecting victims using Siri. Venmo is a mobile app that allows friends to exchange payments between one another in a simplified way. Those with the app can pay a friend for covering a dinner bill, for example. […]
A research discovered two zero-day vulnerabilities residing in the official BMW web domain and ConnectedDrive portal that allow remote hack. Once again IoT devices are affected by a serious flaw that could be exploited by hackers to compromise them, this time we speak of Car Hacking. Almost any modern connected vehicle uses a drive-by-wire system that […]
Lenovo fixed two flaws (CVE-2016-5249, CVE-2016-5248) in the Lenovo Solution Center, once again the company faces problems with pre-installed bloatware. Lenovo has fixed two high severity vulnerabilities, CVE-2016-5249, and CVE-2016-5248, in its Lenovo Solution Center that could be exploited by hackers to gain access to vulnerable machines and to kill any process running on them. The […]
Advantech has published a new version of its WebAccess product to address vulnerabilities that put installations at risk to remote code execution attacks. Exploiting the vulnerabilities would be a challenge, however, according to an advisory published Tuesday by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). ICS-CERT said the flaws patched in versions prior […]
Hackers contracted by the DoD under the Hack the Pentagon initiative have found more than 100 vulnerabilities exceeding Government’s expectations. Do you remember the ‘Hack the Pentagon‘ initiative? ‘Hack the Pentagon’ is the initiative launched by the US Government this year to test the resilience to cyber attacks of the US defenses. The Pentagon has launched the […]
Yesterday, FORBES published a profile of a $20 million spy service that exploits weaknesses in a critical piece of telecoms networks known as SS7, short for Signalling System No. 7. The company claimed it was able to surveil any phone from anywhere on the planet with just a telephone number. The firm, Ability Inc, abuses much-publicised problems […]
Ever think a social networking site that is currently counted among the world’s top three social media platforms would steep so low just to boost Likes or for other marketing purposes? According to reports, Facebook historically scanned private text messages of its users for identifying links to websites and treated them as Likes. We do know that […]
Slovenian Student Gets Sentenced for Reporting Configuration flaws in Tetra Protocol Is it possible that somebody could be sent to jail for identifying security flaws in a protocol that is being used by the local Police department? This particular news report strengthens the notion that it certainly can happen. Reports have it that a 26-year […]
The famous adult content website Pornhub has decided to let hackers report security flaws and vulnerability on its computer system and earn $50 to $25,000! Pornhub, known for its verity of pornography content has announced its bug bounty program on Tuesday. The website is owned by MindGeek, a Canadian-based IT company active in x-rated content […]
A SMOKE DETECTOR that sends you a text alert when your house is on fire seems like a good idea. An internet-connected door lock with a PIN that can be programmed from your smartphone sounds convenient, too. But when a piece of malware can trigger that fire alarm at four in the morning or unlock […]