Hacking Archives - Page 748 of 957

Pierluigi Paganini October 14, 2016

33 million records exposed after the Evony data breach

The website and the forum of the Evony gaming company were hacked this summer and as a result 33 Million of its gamers have their data compromised. Data of more than 33 million accounts of the Evony gaming company were stolen as result of a data breach occurred in June. Evony is the company that […]

Pierluigi Paganini October 14, 2016

SSHowDowN Proxy attacks – A 12-Year-Old SSH bug exposes more than 2M IoT Devices

Akamai Technologies revealed that hackers are exploiting a 12-year-old bug in OpenSSH to hack into millions of IoT devices with SSHowDowN Proxy attacks. IoT devices are a privileged target for hackers, design flaws and wrong configurations open to the attackers. Recently we read about massive DDoS attacks powered by huge botnets powered by hundreds of […]

Pierluigi Paganini October 14, 2016

Here’s how Tor Project and Mozilla will make harder de-anonymizing Tor users

Tor Project and Mozilla are working together to improve the security of Tor users and make harder for attackers to unmask them. Intelligence and law enforcement agencies continue to invest in order to de-anonymize Tor users. In the past, we received news about several techniques devised by various agencies to track Tor users, from the correlation attacks to the hack […]

Pierluigi Paganini October 14, 2016

Cisco Meeting Server – CVE-2016-6445 flaw allows to impersonate legitimate users

Cisco fixed a critical vulnerability in the Cisco Meeting Server, tracked as CVE-2016-6445, that allows remote attackers to impersonate legitimate users. A security vulnerability in Cisco Meeting Server, tracked as CVE-2016-6445, could be exploited by attackers to impersonate legitimate users. Experts from Cisco uncovered the vulnerability during a routine security audit of a customer. The hole resides […]

Pierluigi Paganini October 13, 2016

SonicWALL Email Security appliance flaws could expose corporate emails

Dell issued the SonicWALL Email Security OS 8.3.2 release to address high severity issues that can be exploited to take control of the appliance. Security researchers at Digital Defense discovered multiple vulnerabilities while assessed the SonicWALL Email Security virtual appliance (Version 8.3.0.6149). According to the experts. The flaws could be exploited by attackers to conduct a wide […]

Pierluigi Paganini October 13, 2016

Attackers are exploiting a recently patched high-severity DoS flaw in BIND

Attackers are exploiting a recently patched high-severity DoS flaw, tracked as CVE-2016-2776, in the in the popular DNS software in BIND. Last month a vulnerability in the popular DNS software BIND, tracked as CVE-2016-2776, has been patched. The flaw could be exploited by a remote attacker to trigger a DoS condition using specially crafted DNS packets. The […]

Pierluigi Paganini October 13, 2016

Bitcoin Wallet Blockchain.info went down due to a DNS Hijacking

Blockchain.info, the world’s most popular Bitcoin wallet and Block Explorer service went down this week due to a DNS Hijacking attack. Crypto-currencies continue to be a privileged target of cyber criminals, Bitcoin wallets and services provided by many companies operating in the industries have been targeted by criminal organizations as never before. Blockchain.info, the world’s […]

Pierluigi Paganini October 12, 2016

Patch Tuesday fixes four Microsoft zero-day flaws exploited in the wild

Microsoft October security bulletins patch tens of vulnerabilities, including four Microsoft zero-day vulnerabilities that have been exploited in the wild. Microsoft has released its monthly Patch Tuesday update that includes a total of 10 security bulletins, five the flaws addressed by the updates are zero-day vulnerabilities affecting Internet Explorer, Edge, Windows and Office products. They could be exploited by […]

Pierluigi Paganini October 12, 2016

Inside the DDoS attacks powered by large IoT botnets

Cloudflare firm has published a report that analyzes two recent attacks that were powered by large IoT botnets based on the Mirai Threat. The IoT botnets represent one the most dangerous threats in the security landscape, recently we have assisted to cyber attacks powered by these infrastructures that reached magnitude never seen before. The recent DDoS attacks powered […]

Pierluigi Paganini October 11, 2016

Hurry up,fix the CVE-2016-5425 privilege escalation flaw in Apache Tomcat

The security research Dawid Golunski reported a Root Privilege Escalation in the Apache Tomcat (RedHat-based distros) tracked as CVE-2016-5425. Apache Tomcat packages provided by default repositories of RedHat-based distributions (i.e. CentOS, RedHat, OracleLinux, Fedora, etc.) create a tmpfiles.d configuration file with insecure permissions. The configuration file /usr/lib/tmpfiles.d/tomcat.conf could be modified by a member of the tomcat group or by a malicious […]

Hacking

33 million records exposed after the Evony data breach

SSHowDowN Proxy attacks – A 12-Year-Old SSH bug exposes more than 2M IoT Devices

Here’s how Tor Project and Mozilla will make harder de-anonymizing Tor users

Cisco Meeting Server – CVE-2016-6445 flaw allows to impersonate legitimate users

SonicWALL Email Security appliance flaws could expose corporate emails

Attackers are exploiting a recently patched high-severity DoS flaw in BIND

Bitcoin Wallet Blockchain.info went down due to a DNS Hijacking

Patch Tuesday fixes four Microsoft zero-day flaws exploited in the wild

Inside the DDoS attacks powered by large IoT botnets

Hurry up,fix the CVE-2016-5425 privilege escalation flaw in Apache Tomcat

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

Sophos fixed two critical Sophos Firewall vulnerabilities

French Authorities confirm XSS.is admin arrested in Ukraine

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Cisco confirms active exploitation of ISE and ISE-PIC flaws

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!