Hacking Archives - Page 906 of 957

Pierluigi Paganini May 25, 2014

FireEye-Mandiant data confirms DOJ’s Findings on APT1

Experts at Mandiant have corroborated the DOJ’s data by releasing additional evidence not included in the original APT1 report. One of the news most important shared on the internet this week it the one related to the indictment announced by US Department of Justice (DOJ) on five members of PLA Unit 61398. One year ago Mandiant experts deeply analyzed […]

Pierluigi Paganini May 25, 2014

Serious Flaw in Yahoo Websites allows attackers to delete any comment

The Egyptian security researcher Ahmed Aboul-Ela has discovered a vulnerability which allowed deleting comments of any user in all Yahoo sites. A couple of days ago I was contacted by the Egyptian security researcher Ahmed Aboul-Ela which informed me to have disclosed a vulnerability in Yahoo websites which allow attackers to delete any comment from all Yahoo Services, […]

Pierluigi Paganini May 24, 2014

A new series of critical eBay vulnerabilities still menaces 145M users

Security experts have discovered three new critical eBay vulnerabilities, the privacy and data of more than 145 million users is still at risk. Just a few days after the disclosure of a major data breach at eBay, in the Internet is circulating the news of three new critical eBay vulnerabilities in the company website. eBay admitted […]

Pierluigi Paganini May 22, 2014

Microsoft hasn’t disclosed neither fixed a 4 months-old 0Day Internet Explorer 8 flaw

Zero Day Initiative website has disclosed a new zero-day Internet Explorer 8 vulnerability which was reported to Microsoft four months ago but not yet fixed Microsoft had kept hidden a critical Zero-Day vulnerability in Internet Explorer 8 since October 2013, this is the last disconcerting news that is circulating within the security community. Peter ‘corelanc0d3r’ Van […]

Pierluigi Paganini May 21, 2014

eBay database compromised, change your password now

The giant eBay suffered a serious data breach which exposed data in its database. Customer information, including personal data and password were violated. The Giant Ebay is victim of data breach, during a cyber attack the hackers violated company database accessing to personal data and user credentials. In response to the incident the company is notifying its customers […]

Pierluigi Paganini May 20, 2014

5 Chinese PLA officials accused of cyber espionage on US companies

The United States has filed criminal charges against five Chinese military PLA officials for cyber espionage and hacking against several US companies. The United States early this week charged five Chinese military PLA officers and accused them of hacking into computers of American companies. US authorities accused the China’s People’s Liberation Army officers of hacking […]

Pierluigi Paganini May 20, 2014

Remote code injection in Microsoft, Yahoo and Orange subdomains

Security researcher Ebrahim Hegazy has identified a remote code injection vulnerability affecting several subdomains of Microsoft, Yahoo, Orange and others. Fortunately, the security Vulnerability has been fixed. While participating in the Yahoo Bug Bounty program, Hegazy has found a “Unauthorized Admin Access” Vulnerability in one of Yahoo domains “mx.horoscopo.yahoo.net.”, that vulnerability led him to find […]

Pierluigi Paganini May 19, 2014

SNMP issues in many devices allow disclosure of data

Researchers at Rapid7 disclosed a series of vulnerabilities in many devices that allow data disclosure from the SNMP community string. Researchers at Rapid7 have discovered problems in SNMP on embedded devices which can can cause the exposure of critical information. As explained in the official blog post during the analysis the experts discovered devices which expose information that would […]

Pierluigi Paganini May 18, 2014

Criminals capture PINs over wireless remotely instead tamper ATMs

Criminals are exploiting news tactics to steal user’s PIN from ATMs, capturing them over wireless network instead risky tampering of the banking machine. Cyber criminals are adopting even more creative and sophisticated methods to collect user’s personal information, of course banking data is very attractive for hackers that could decide to directly use it for cyber frauds, […]

Pierluigi Paganini May 17, 2014

Elderwood Platform is still providing Zero-Day exploits

Experts at Symantec have discovered that behind the Elderwood Platform there is a still active group which is providing Zero-Day exploit used recently. Do you remember the Elderwood project? It was September 2012 when Symantec security firm published an analysis that demonstrate the link between a series of cyber attacks against more than 30 companies and the cyber […]

Hacking

FireEye-Mandiant data confirms DOJ’s Findings on APT1

Serious Flaw in Yahoo Websites allows attackers to delete any comment

A new series of critical eBay vulnerabilities still menaces 145M users

Microsoft hasn’t disclosed neither fixed a 4 months-old 0Day Internet Explorer 8 flaw

eBay database compromised, change your password now

5 Chinese PLA officials accused of cyber espionage on US companies

Remote code injection in Microsoft, Yahoo and Orange subdomains

SNMP issues in many devices allow disclosure of data

Criminals capture PINs over wireless remotely instead tamper ATMs

Elderwood Platform is still providing Zero-Day exploits

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Cisco confirms active exploitation of ISE and ISE-PIC flaws

SharePoint under fire: new ToolShell attacks target enterprises

CrushFTP zero-day actively exploited at least since July 18

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!