Hacking Archives - Page 902 of 967

Pierluigi Paganini October 24, 2014

NAT-PMP Protocol Vulnerability affects more than 1.2 Million SOHO devices

Security researchers at Rapid7 have discovered a serious NAT-PMP Protocol vulnerability that puts 1.2 Million SOHO routers at risk. Another serious security flaw is threatening more than 1.2 million SOHO Routers worldwide, the vulnerability is related to the “improper NAT-PMP protocol implementations and configuration flaws“, as explained by Jon Hart, a researcher at Rapid7. Hart explained the that […]

Pierluigi Paganini October 22, 2014

Google improved 2-Step Verification with Security Key

Google has announced the introduction of an improved two-factor authentication mechanism based on a USB token dubbed Security Key. Google firm considers cyber security a pillar of its business, the last initiative announced by the company is the introduction of an improved two-factor authentication system for its services, including Gmail. The new 2FA process is based on the use of a […]

Pierluigi Paganini October 20, 2014

Operation Distributed Dragons, thousands of machine compromised worldwide

Operation Distributed Dragons – Tiger Security firm has discovered a series of DDoS attacks from China and that appear as run by a structured organization. Security experts at the Italian Tiger Security firm have spotted a new wave of DDoS attacks that were originated in China and that appear as run by well organized APT. The expert identified […]

Pierluigi Paganini October 19, 2014

Flaws in DTM components are threatening security of critical Industrial Control Systems

Researchers at the last Black Hat Europe have presented the results of their research on DTM/FDT components, demonstrating the presence of serious flaws. The researchers Alexander Bolshev and Gleb Cherbov at Digital Security, have discovered several serious vulnerabilities in industrial components designed to implement the management interface industrial control systems (ICS). The experts have analyzed the implementation of Field Device Tool / […]

Pierluigi Paganini October 17, 2014

Same Origin Method Execution attack to perform unintended actions on a website on behalf of victims

A researcher presented a new attack method dubbed Same Origin Method Execution which could be exploited to impersonate the targeted user on many websites. Same Origin Method Execution (SOME) is a new technique of attack against website presented by Ben Hayak, researcher at Trustwave, at Black Hat Europe in Amsterdam. The Same Origin Method Execution (SOME) attack method is […]

Pierluigi Paganini October 16, 2014

Security Companies united against the Hidden Lynx APT and its weapons

Principal security firms united in a joint effort dubbed Operation SMN against the cyber espionage group known as Hidden Lynx and its arsenal. The Hidden Lynx APT is a China-based group of hackers that conducted numerous cyber espionage campaign against U.S. defense contractors and other foreign organizations. The name Hidden Lynx was assigned to the APT by experts at […]

Pierluigi Paganini October 16, 2014

How to gain control of any Addthis user account

The security expert Federico Fazzi has disclosed a serious vulnerability in the Addthis.com service that allows attackers to take control of any account. The Italian security expert Federico Fazzi has discovered a serious vulnerability in the Addthis.com service that allows attackers to take control of any Addthis account. AddThis is the world’s largest content sharing and social […]

Pierluigi Paganini October 16, 2014

Millions vulnerable UPnP devices vulnerable to attack

Researchers at Akamai firm have issued a report on reflection and amplification DDoS attacks exploiting vulnerable UPnP devices worldwide. Researchers at Akamai firm have observed an increase of new reflection and amplification DDoS attacks exploiting Internet of Things devices (e.g. SOHO devices, routers, media servers, web cams, smart TVs and printers), which that misuses communications protocols. The […]

Pierluigi Paganini October 14, 2014

Reflected File Download attack to spread 0-Day Worm Over Any Social Networks

A security expert defined a new attack technique dubbed Reflected File Download that allows to serve a ‘Zero-Day’ Worm without possibility of defense. The security expert Oren Hafif has invented a new attack technique dubbed Reflected File Download (RFD) that could be adopted to hack victim’s computer when he tries and logs in to popular and trusted website like Google and […]

Pierluigi Paganini October 12, 2014

Threat actors phishing for Intellectual property and source code from IT giants

FireEye CEO David DeWalt explained that threat actors are targeting IT giants for source code and highlighted the importance to adopt new security model. Phishing is a common practice in the hacking community, despite the level of awareness of the threat is high, the efficiency of the attacks is still significant. As highlighted in the […]

Hacking

NAT-PMP Protocol Vulnerability affects more than 1.2 Million SOHO devices

Google improved 2-Step Verification with Security Key

Operation Distributed Dragons, thousands of machine compromised worldwide

Flaws in DTM components are threatening security of critical Industrial Control Systems

Same Origin Method Execution attack to perform unintended actions on a website on behalf of victims

Security Companies united against the Hidden Lynx APT and its weapons

How to gain control of any Addthis user account

Millions vulnerable UPnP devices vulnerable to attack

Reflected File Download attack to spread 0-Day Worm Over Any Social Networks

Threat actors phishing for Intellectual property and source code from IT giants

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service

DoJ resentenced former BreachForums admin to three years in prison

Apple backports fix for actively exploited CVE-2025-43300

New supply chain attack hits npm registry, compromising 40+ packages

Cybercrime group accessed Google Law Enforcement Request System (LERS)

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!