Browsing tag

Vulnerabilities

Spotify Hack – Over 300k Accounts Hacked in Credential Stuffing Attack

Spotify is a Swedish-based audio streaming and media services provider, with over 299 million active monthly users in 2020. Noam Rotem and Ran Locar, vpnMentor’s research team, have discovered a potential credential stuffing operation whose origins are unknown, but that affected some online users who also have Spotify accounts. Credential stuffing is a hacking technique that takes advantage of […]

Vulnerabilities expose Supermicro servers to virtual USB-Attacks

A report by network security experts states that threat actors are able to exploit some recently found vulnerabilities in remote management devices to insert a virtual storage drive into a target system; in other words, using this method of attack, the hackers can turn any USB device into a virtual Trojan. The experts, members of […]

Patches to fix critical vulnerabilities on Linux systems are released; update ASAP

According to vulnerability testing specialists, the software developer Canonical has just announced the release of a set of important security updates for the Linux kernel. According to the report, the updates cover all supported Ubuntu Linux operating systems and address 28 security vulnerabilities. Among all the reported vulnerabilities, the most dangerous one, tracked […]

Critical vulnerabilities affecting Snapdragon 835 and 845

Multiple Linux-based exploits have caught the attention of vulnerability testing experts in recent years, such as the dangerous Stagefright, RAMpage and Dagger. Recently, smartphone manufacturers Xiaomi and OnePlus released some security updates unexpectedly and early, a fact that raised alarms about the possible existence of a serious vulnerability. In the end these assumptions […]

Critical SQL injection vulnerability in a Starbucks enterprise database

A website security specialist dedicated to bug reporting helped fix a critical SQL injection flaw affecting an enterprise database at the famous coffee chain Starbucks. The flaw could have exposed confidential financial and accounting data. Thanks to his discovery, expert Eugene Lim (also known as ‘spaceraccoon’) received a $4,000 bounty, paid through Starbucks’ vulnerability […]

Critical zero-day vulnerability on Steam online gaming platform

The gamer community is not safe from cyberattacks, as there are multiple groups of malicious hackers that consider it a hunting territory for economic gain or for causing disruptions on some platforms or against users. This time, a web application security expert claims to have discovered a critical zero-day vulnerability in the Windows client of the popular […]

Data Center Vulnerabilities Can Be Mitigated By Knowledgeable Operators

We have repeatedly reported here in hackercombat.com about stories regarding email triggering malware intruding into the internal network and eventually leaking a considerable amount of personal information from data centers in many instances. Specifically, after grasping the name and business content of the recipient, an email disguised to misunderstand the business email sent from an […]

Critical vulnerabilities found on Cisco Series 220 switches

Cisco is one of the world’s leading technology companies, so a security flaw in one of its products or solutions could compromise the operations of thousands of organizations, regardless of whether they are large companies or small businesses. Network security experts report the presence of three security flaws on Cisco 220 Series smart switches that […]

Vulnerabilities in the VxWorks operating system affect 2 billion devices in companies around the world

A serious cybersecurity problem has just been revealed and could take months, even years, to be solved. A group of network security experts discovered at least eleven zero-day vulnerabilities in VxWorks, a real-time operating system (RTOS) for embedded systems. This is serious considering that this system drives more than 2 billion devices in fields such […]

Critical Vulnerability in Siemens’ industrial control system

A new vulnerability in a Siemens software platform has been discovered by system audit specialists. If exploited, this flaw would allow hackers to gain access to industrial control systems that work with this software, to carry out espionage activities or even cause hardware failures on compromised systems. One of the main industries that employ these systems […]

What Is a Rootkit? Detection and Prevention

Rootkits are secret computer programs that allow continuous and privileged access to a computer and actively hide their existence. The term rootkit is the combination of the two words “root” and “kit”. Initially, a rootkit was a set of tools for accessing computers or networks at the administrator level. Root refers to administrator accounts on […]

D-Link agrees to Security Assessment to Settle FTC lawsuit

D-Link has agreed to make some security enhancements that have reorganized the company’s security platform to resolve disputes from the Federal Trade Commission (FTC) because it has misinterpreted the security of its product. The case stems from complaints from corporate routers and IoT cameras against D-Link in 2017 that disclosed confidential consumer information to third […]

Definition and Importance of an Information Security Analyst

The information security analyst is an important role in any organization, since they keep sensitive information secure. They work with the different departments to find and correct any flaw with the organization’s security solutions and programs. They are also responsible for recommending ways to improve overall security. Responsibilities of an Information Security Analyst: Overall, the […]

How I Discovered My First Vulnerability

I have read a couple of books recently about different vulnerabilities in order to be able to better protect my projects/websites. Today, I want to share a story about how I managed to use this knowledge in practice. Disclaimer This material is posted for educational purposes only. The author is not responsible for its usage […]

Aviation Equipment Major ASCO Victim of Ransomware Attack

The Belgian manufacturer of aeronautical equipment ASCO was forced to close its operations in Belgium, Germany, Canada and the United States after a ransomware attack at its Zaventem plant in Belgium. ASCO is one of the world’s largest manufacturers of aeronautical equipment and provides high-end aeronautical equipment, such as lifting devices, mechanical assemblies and functional […]

Major Vulnerabilities in HSMs Discovered

Yesterday’s announcement of this HSM hacking in the 2019 BlackHat program caused a lot of excitement for a good reason: the authors claim to have discovered unauthenticated remote attacks, giving full control of an HSM and full access to the keys and secrets stored in it. For the moment, very few details are available in English about how this […]

Patching The Vulnerabilities in Government Systems: Inside the New DHS Mandate

Software vulnerabilities and the need for patching have become a fact of life in the modern world. Everyone loves the capabilities provided by computers and the Internet, but they’re not perfect. The simple fact is that software is written by humans and humans make mistakes, so the software has bugs in it. And if those […]

Experts discovered cloud services hardware vulnerabilities

Field programmable gate arrays (FPGA) are electronic devices that can be configured to perform various tasks. According to web application security specialists, the large data centers that provide cloud services (including large technology companies) resort to the use of FPGA. The use of these services is usually considered to be very safe; however, specialists from […]

Puma Australia Hit With Credit Card Hack Malware

Sophisticated malware was planted by hackers on Puma Australia’s website, with the intention to steal customers’ credit card information at checkout, a security researcher found. Suspicious code tucked away on Puma Australia’s page contained a script that logged people’s credit card numbers, names, and addresses when they typed them in on the website. The […]

Critical vulnerabilities compromise millions of IoT devices

Cyber forensics course specialists reported critical security vulnerabilities in iLnkP2P, a peer-to-peer (P2P) communications software component that, if exploited, would allow a hacker to access and take control of about 2 million Internet of Things (IoT) devices. This technology allows users to connect to their devices at the time they get online; an attacker […]