5 major US wireless carriers vulnerable to SIM swapping attacks
When it comes to protection against this insidious type of scam, the telcos’ authentication procedures leave a lot be desired, a study finds
When it comes to protection against this insidious type of scam, the telcos’ authentication procedures leave a lot be desired, a study finds
The Attack Range solves two main challenges in development of detections. First, it allows the user to quickly build a small lab infrastructure as close as possible to your production environment. This lab infrastructure contains a Windows Domain Controller, Windows Workstation and Linux server, which comes pre-configured with multiple security tools and logging configuration. The […]
With the rise of instant messaging applications such as WhatsApp, Signal, and Telegram. A large number of similar applications have begun to steal telecommunications business revenue from SMS services. Recently, Android has launched a solution, namely its Converged Communications Service (RCS). It is understood that the service is consistent with Apple’s hybrid iMessage platform. Since […]
NFC expanded as Near Field Communication, contains a set of protocols that allows Android devices to establish communication at a very shortest range. NFC used for contactless payments, pairing of devices, file sharing, and access control. Nightwatch Cybersecurity noted that “NFC beaming of applications between devices using Android OS bypasses some security controls such as […]
A recent investigation by vulnerability testing specialists at security firm SafeBreach Labs has revealed the presence of a critical vulnerability in the Avira 2019 antivirus tool software. Tracked as CVE-2019-17449, this vulnerability could have been used to evade target system defenses, gain persistence, and perform privilege escalations by loading an arbitrary dynamic link library (DLL) […]
Until now, I’m sure you all might have heard of the SimJacker vulnerability disclosed exactly a month ago that affects a wide range of SIM cards and can remotely be exploited to hack into any mobile phone just by sending a specially crafted binary SMS. If you are unaware, the name “SimJacker” has been given […]
Ironically, companies that offer information security services are also exposed to malicious hackers; they’re even a great target. Experts from the National Cyber Security Center (NCSC) and the National Security Agency (NSA) have released a report warning about serious vulnerabilities in some of the most popular virtual private network (VPN) services. The companies noted in […]
It is a common practice among programmers to copy-paste code snippets from the popular Q&A forum Stack Overflow to solve their coding problems. But it turns out that this lazy habit runs a high-security risk. A paper titled “An Empirical Study of C++ Vulnerabilities in Crowd-Sourced Code Examples,” highlights the same. Copied codes can result […]
After a group of IT system audit specialists performed an analysis on medical imaging systems connected to the public Internet, it has been concluded that nearly 600 servers, located in 52 different countries, lack the minimum protection measures against unauthorized access. According to the experts, the analyzed systems do not have update patches to protect […]
It seems that companies will never stop being inconvenienced by some security flaws. Vulnerability testing experts report that Cisco has extended the update patch to address a critical denial of service (DoS) vulnerability that was first detected and corrected in 2016. The vulnerability in question, tracked as CVE-2016-1409 is a flaw on the IPv6 packet […]
DetExploit is software that detect vulnerable applications and not-installed important OS updates on the system, and notify them to user. As we know, most of cyberattacks uses vulnerability that is released out year before. I thought this is huge problem, and this kind of technology should be more powerful than technology that will detect […]
Today the use of trackers has become widespread, particularly due to the fine balance found between their ease of use and the security benefits attained. They can help you track your loved ones in real-time through GPS technology and hence be their safe keeper even from far away. However, a crucial process among this is […]
Today, security researchers at Google shattered the common belief that iPhones are non-susceptible to hacking. The researchers have revealed that a number of websites were hacking iPhones secretly for the past two years using indiscriminate watering hole attacks. Discussing in a lengthy blog post, Google Project Zero’s Ian Beer says that the attack involved no […]
A team of ethical hacking specialists from Eclypsium security firm has revealed a report describing a critical vulnerability present in the design of software used in modern drivers that, if exploited, would allow threat actors to get high privileges that would guarantee them unrestricted access to hardware. Reports claim that more than 40 hardware manufacturers […]
A speculative execution vulnerability has been discovered by BitDefender researchers in systems running Intel modems built since 2012. SWAPGS vulnerability allows a malware-ridden program to access the computer’s kernel memory. This, in turn, allows the hacker to read sensitive data such as passwords, chat messages, e-mails, payment information and more. At the BlackHat conference 2019, […]
Andrill is an android mobile application interacting with a back-end API that is vulnerable with various levels of difficulty. It provides a test environment for security professionals, security enthusiast and the programmers who are eager to learn about mobile security. Easy to Setup Andrill back-end server can be easily setup by a docker command. The […]
The IT security researchers at Rapid7 have reported a critical vulnerability in the modern flight systems of small planes allowing hackers with physical access to take control of targeted aircraft. The US Department of Homeland security’s Cybersecurity and Infrastructure Security Agency (CISA) has also acknowledged the issue. The security advisory issued Tuesday stated that the vulnerability […]
Currently it is no longer uncommon to hear about cases where technology companies intentionally omit the security issues present in their products or services. This time, the company involved is Cisco, which has just reached an agreement to pay $8.6M USD after admitting that it sold surveillance software vulnerable to multiple variants of cyberattack, reported […]
What could be more horrifying than knowing that a hacker can trick the plane’s electronic systems into displaying false flight data to the pilot, which could eventually result in loss of control? Of course, the attacker would never wish to be on the same flight, so in this article, we are going to talk about […]
ProFTPD is an open-source and one of the most popular FTP server software used by more than one million servers all over the world. It comes pre-installed on several Linux and Unix-based distributions, including Debian. A German security researcher has revealed a security flaw that makes ProFTPD servers vulnerable to remote code execution attacks. Tobias […]
Instant messaging apps like WhatsApp and Telegram keep your messages encrypted in transit, but once a media file reaches your phone, the same cannot be guaranteed. Researchers from Symantec have demonstrated how a vulnerability in WhatsApp and Telegram can be exploited by hackers to hijack the media files that are sent through these services. How […]