Google security team has recently discovered and blocked fraudulent digital certificates issued for several Google domains by a Chinese CA. On March 20, Google security team has discovered and blocked fraudulent digital certificates issued for several Google domains. The investigation revealed that a Chinese certificate authority was using an intermediate CA, MCS Holdings, that issued the bogus […]
Thousands of routers exposed on the Internet by the ISPs are vulnerable to hacking and consequence of attacks on a large scale could be dramatic. ISPs have provided at least 700,000 ADSL routers to the public and unfortunately these kinds of routers have been really vulnerable to every possible hacker who wants to gain the […]
Security experts discovered that the Adobe CVE-2011-2461 vulnerability is exploitable by at least four years despite the company has issued a patch. Four years ago Adobe released a patch for the vulnerability CVE-2011-2461 that was affecting the Adobe Flex SDK 3.x and 4.x. The flaw was a cross-site scripting (XSS) vulnerability that allowed remote attackers to inject arbitrary […]
Chris Watts discovered a security flaw affecting some models of Cisco IP Phones that could be exploited to eavesdrop on conversations and make phone calls. Some models of Cisco IP phones for small businesses are affected by a vulnerability, coded as CVE-2015-0670 that could be exploited by a remote attacker to eavesdrop on conversations and make phone calls […]
A group of researchers from Voidsec have found six vulnerabilities in the Ghost blogging platform that allow privilege editing and DoS. Six vulnerabilities have been found affecting Ghost, the blogging platform coded in the Node.js born on October 2013. These vulnerability were discovered on January 26 by a group of researcher from Voidsec (voidsec, bughardy […]
Security experts at Proofpoint have discovered a new phishing campaign that exploits a Dridex variant that evades detection with AutoClose function. Criminal crews behind the Dridex banking malware are very prolific and are improving the popular malicious code. Recently we have discussed about a Dridex variant which was spread through phishing messages with Microsoft Office documents embedding malicious macros. The attackers exploited social engineering technique to lure […]
A cell of the ISIS has called on its members and backers in the US to kill 100 service members whose names, photos and addresses it posted online. The ISIS continues to scare the West, its operations are supported by a very aggressive media campaign that shares proclamations and recruit new followers in the name […]
Findings reveal that there is a clear lack of appropriate security measures to protect drivers of a connected car against hackers. âFindings reveal that there is a clear lack of appropriate security measures to protect drivers against hackers who may be able to take control of a vehicle or against those who may wish to […]
Cisco Security Team has spotted in the wild a new Point-of-Sale malware dubbed PoSeidon that is more sophisticated than previously detected PoS malware. Expert at Cisco have discovered a new Point-of-Sale (PoS)  malware dubbed PoSeidon. The experts have discovered many similarities with the popular Zeus Trojan and use sophisticated methods to find card data respect other POS malware like BlackPoS, which was used […]
A developed has discovered that just visiting a page including an unicode string of 13 characters it is possible to crash Mac Chrome tab. While at last pwn2own hacking competition security experts have demonstrated that is quite easy to hack major browsers, another bad news is circulating online for Apple users using Chrome, a sequence of […]