Hacking Archives - Page 714 of 957

Pierluigi Paganini February 24, 2017

Cloudbleed flaw exposes sensitive data from millions sites behind CloudFlare

Cloudflare was leaking a wide range of sensitive information, including authentication cookies and login credentials, the flaw was dubbed Cloudbleed. The notorious Google security researcher, Tavis Ormandy, recently made and astonishing discovery, Cloudflare was leaking a wide range of sensitive information, including authentication cookies and login credentials, the flaw was dubbed Cloudbleed. “On February 17th 2017, […]

Pierluigi Paganini February 24, 2017

Out-of-band resource load in Google allows attacker to launch a DDoS attack from its servers

A security researcher discovered an Out-of-band resource load flaw in Google’s servers that allowed him to perform a DDoS attack on remote hosts. Young security researcher, Luka Sikic from Croatia found a serious vulnerability in Google. He was able to servers of the IT giant to perform a DDoS attack on remote hosts. Out-of-band resource load (classified […]

Pierluigi Paganini February 24, 2017

SHAttered attack, Google and CWI conducted the first SHA-1 collision attack

Experts at Google and CWI conducted the first real world collision attack against popular SHA-1 hashing algorithm, so called shattered-attack. Researchers at Google and Centrum Wiskunde & Informatica (CWI) in the Netherlands succeeded in conducting the first real world collision attack against popular SHA-1 hashing algorithm. The researchers created two documents with different content but […]

Pierluigi Paganini February 23, 2017

Netflix releases the Stethoscope tool to improve security

Netflix has released the Stethoscope open source web application that provides recommendations for securing their devices. Netflix has released Stethoscope, an open source web application that provides recommendations for securing computers, smartphones, and tablets. Netflix intends to follow a “user focused security” approach that aims to provide employees information to improve their security posture, rather than […]

Pierluigi Paganini February 23, 2017

Researchers exfiltrate data by blinking the LEDs on the hard drives

A team of Israeli researchers has devised a new technique to exfiltrate data from a machine by using a malware that controls hard drive LEDs. Across the years, numerous studies demonstrated that it is possible to exfiltrate data from air-gapped networks in various ways and security experts warned to cover our webcam to avoid being spied by […]

Pierluigi Paganini February 22, 2017

CVE-2017-6074 – a new 11-year old Linux Kernel flaw discovered

Security expert discovered a new 11-year old privilege escalation vulnerability, tracked as CVE-2017-6074, in the Linux kernel. A new privilege escalation vulnerability, tracked as CVE-2017-6074, has been discovered in the Linux kernel and the astonishing new is that it is an 11-year old flaw. The local privilege-escalation vulnerability, discovered by security researcher Andrey Konovalov, affects all the major […]

Pierluigi Paganini February 22, 2017

For the second time in a few months Montenegro suffered massive and prolonged cyberattacks

For the second time in a few months Montenegro suffered massive and prolonged cyberattacks against government and media websites. According to the Balkan Insight, attackers have launched a renewed attack on the Montenegrin government and media. The last wave of cyber attacks started on February 15 and lasted several days, according to the government experts it was […]

Pierluigi Paganini February 22, 2017

Microsoft releases security updates for Flash Player, but two disclosed flaws remain unpatched

On Tuesday Microsoft issued the security updates KB 4010250 that address flaws in Adobe Flash Player, but two already disclosed flaws remain unpatched. On Tuesday Microsoft issued the security updates KB 4010250 that address flaws in Adobe Flash Player. The updates fix the vulnerabilities in Internet Explorer on Windows 8.1 and later, as well as […]

Pierluigi Paganini February 22, 2017

FTP Injection flaws in Java and Python allows firewall bypass

The two programming languages, Java and Python, are affected by serious FTP Injection flaws that can be exploited by hackers to bypass any firewall. Attackers can trick Java and Python applications to execute rogue FTP commands that would open ports in firewalls The unpatched flaws reside in the way the two programming languages handle File Transfer […]

Pierluigi Paganini February 21, 2017

Corporate email addresses are 6.2x more targeted by phishing

At the RSA security conference in San Francisco, the experts at Google Research explained that Corporate email addresses are privileged targets for hackers. At the RSA security conference in San Francisco, the experts at the Google Research team at the Google Research team have shared the results of an interesting study on cyber attacks against emails accounts. Corporate […]

Hacking

Cloudbleed flaw exposes sensitive data from millions sites behind CloudFlare

Out-of-band resource load in Google allows attacker to launch a DDoS attack from its servers

SHAttered attack, Google and CWI conducted the first SHA-1 collision attack

Netflix releases the Stethoscope tool to improve security

Researchers exfiltrate data by blinking the LEDs on the hard drives

CVE-2017-6074 – a new 11-year old Linux Kernel flaw discovered

For the second time in a few months Montenegro suffered massive and prolonged cyberattacks

Microsoft releases security updates for Flash Player, but two disclosed flaws remain unpatched

FTP Injection flaws in Java and Python allows firewall bypass

Corporate email addresses are 6.2x more targeted by phishing

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Cisco confirms active exploitation of ISE and ISE-PIC flaws

SharePoint under fire: new ToolShell attacks target enterprises

CrushFTP zero-day actively exploited at least since July 18

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!