Hacking Archives - Page 760 of 971

Pierluigi Paganini October 21, 2016

US contractor stole an astonishing quantity of data, including Equation Group tools

The US DoJ has charged the US contractor Harold Thomas Martin with theft of secret documents and highly classified government material. A couple of months ago, the FBI announced the arrest of an NSA contractor, Harold Thomas Martin III, over a massive secret data theft. The US DoJ has charged Harold Thomas Martin (51) with theft […]

Pierluigi Paganini October 21, 2016

Cyber Criminal can easily get access to your YesBank Internet Banking using stolen Debit/Credit Card Number and PIN

A security researcher disclosed a vulnerability in the online banking service of the YesBank that promptly fixed the issue. I am a customer of YesBank and I hold my savings account with them. I also use the YesBank’s online banking application and I strongly feel that the application of the bank must be secured. So, as […]

Pierluigi Paganini October 21, 2016

The new Dirty COW Linux Kernel Exploit already used in attacks in the wild

Experts disclosed a new Linux kernel vulnerability dubbed Dirty COW that could be exploited by an unprivileged local attacker to escalate privileges. The security expert Phil Oester discovered in the Linux kernel a new flaw, dubbed ‘Dirty COW‘ that could be exploited by a local attacker to escalate privileges. The name “Dirty COW” is due to the […]

Pierluigi Paganini October 20, 2016

FruityArmor APT exploited Windows Zero-Day flaws in attacks in the wild

Experts from Kaspersky have discovered a new APT dubbed FruityArmor APT using a zero-day vulnerability patched this month by Microsoft. A new APT group, dubbed FruityArmor, targeted activists, researchers, and individuals related to government organizations. According to experts at Kaspersky Lab, the FruityArmor APT conducted targeted attacks leveraging on a Windows zero-day vulnerability, tracked as CVE-2016-3393, recently […]

Pierluigi Paganini October 20, 2016

Experts devised a method to capture keystrokes during Skype calls

A group of security experts discovered that the Microsoft Skype Messaging service exposes user keystrokes during a conversation. A group of researchers from the University of California Irvine (UCI) and two Italian Universities discovered that the popular Skype Messaging service expose user keystrokes during a call. The researchers have devised a method to record the acoustic emanations of […]

Pierluigi Paganini October 20, 2016

Flaw in Intel CPUs could allow to bypass ASLR defense

A flaw in Intel chips could be exploited to launch “Side channel” attack allowing attackers bypass protection mechanism known as ASLR. A vulnerability in the Intel’s Haswell CPUs can be exploited to bypass the anti-exploitation technology address space layout randomization (ASLR) that in implemented by all the principal operating systems. The ASLR is a security mechanism […]

Pierluigi Paganini October 20, 2016

Czech police arrested a Russian hacker alleged involved in 2012 LinkedIn hack

Czech police, working with the FBI, has arrested a Russian man at a hotel in Prague that is suspected to be involved in the 2012 LinkedIn hack. Czech authorities, with the support of the FBI, have arrested a Russian hacker suspected of conducting cyber criminal activities against the US. “Policemen investigation department of the Criminal […]

Pierluigi Paganini October 19, 2016

SQL Injection zero-day in component ja-k2-filter-and-search of Joomla

Information Security experts have discovered an SQL injection zero-day vulnerability in Joomla component ja-k2-filter-and-search. Information Security Researchers Dimitrios Roussis and Evangelos Apostoloudis have discovered an SQL injection vulnerability in component ja-k2-filter-and-search (https://www.joomlart.com/joomla/extensions/ja-k2-search) of Joomla, a popular open-source Content Management System (CMS). This component has been used in various Joomla sites. Through the use of the […]

Pierluigi Paganini October 19, 2016

Ops also the Trump Organization uses insecure e-mail servers

According to a security researcher, the Trump Organization’s mail servers run on an outdated version of Microsoft Windows Server. Hillary Clinton is over in the storm for the violation of its private email server, even Trump has used the case to attack the rival. The irony of fate, now we are here discussing because also Trump’s staff […]

Pierluigi Paganini October 19, 2016

Magento card-swiping malware hides stolen card data in legitimate images

Security experts have spotted an interesting exfiltration technique adopted by crooks to exfiltrate card data from Magento platforms. Security experts from Sucuri and RiskIQ have spotted an interesting exfiltration technique adopted by crooks to exfiltrate payment data from compromised e-commerce websites powered by the Magento platform. Cybercriminals have been using image files to store and exfiltrate […]

Hacking

US contractor stole an astonishing quantity of data, including Equation Group tools

Cyber Criminal can easily get access to your YesBank Internet Banking using stolen Debit/Credit Card Number and PIN

The new Dirty COW Linux Kernel Exploit already used in attacks in the wild

FruityArmor APT exploited Windows Zero-Day flaws in attacks in the wild

Experts devised a method to capture keystrokes during Skype calls

Flaw in Intel CPUs could allow to bypass ASLR defense

Czech police arrested a Russian hacker alleged involved in 2012 LinkedIn hack

SQL Injection zero-day in component ja-k2-filter-and-search of Joomla

Ops also the Trump Organization uses insecure e-mail servers

Magento card-swiping malware hides stolen card data in legitimate images

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape

DraftKings thwarts credential stuffing attack, but urges password reset and MFA

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!