In this post the author Scott Thompson explores the basics of Point-of-Sale Security analyzing threats and possible solutions. Basics of Point-of-Sale Security In late 2013, at the height of the holiday shopping season, Target Corporationâs point-of-sale payment network was breached, and over 70 million customers had their card payment information stolen, including this author, creating […]
Starting from September 1st, 2015, Google will disable Flash’s ability to auto-play in its Chrome browser. What will change for advertisers? Google is going to disable Flash’s ability to auto-play in Chrome, the change will be introduced starting from September 1, 2015. Since this date, non-important Flash files will need explicit user’active to play in the browser. […]
A new set of rules was created by the Department of Defense (DoD) for Cloud Providers to report security holes when dealing with US government data. A new set of rules was created by the Department of Defense (DoD) of the US government for how the cloud providers should report the security issues that involve […]
DSL home routers from a number of vendors contain hard-coded credentials that could allow a hacker to hijack the network devices via telnet services. A bunch of home gateway vendors, presumably sourcing their firmware from the same place, can be hijacked using depressingly common hard-coded logins. Experts from the Carnegie-Mellon CERT discovered that a number of home […]
Moscow Lawyers complain to prosecutors over Windows 10 privacy, the Microsoft operating system is accused spying on its users and collect their data. Russian lawyers have filed a complaint calling for restricting the sale of Windows 10 in Russia, the action urges because the newborn OS spy on users violating Russian laws. Starting July 29, and for the […]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from the best sources free for you in your email box. Dark marketplaces raked from $300,000 to $500,000 a day How to hack a Parrot drone on the fly How BitTorrent could let lone DDoS attackers bring down big sites […]
A security researcher revealed that BMW was aware of the mobile app vulnerability that allows hackers to run the Ownstar attack. At the recent DEF CON conference the popular security researcher Samy Kamkar presented Ownstar, a $100 gadget that allows to hacks GM Cars. The Ownstar tool allows to locate, unlock, and start a car who […]
CVE-2015-3842 is a new flaw affecting the Android mediaserver, which can be exploited to perform attacks involving arbitrary code execution. The problems for Android users continue, a long serie of vulnerabilities has been discovered by the experts in the last weeks, Stagefright, zero-day zero-day deserialization, and Certifi-Gate are the names of some of the flaw recently […]
Microsoft has pushed an emergency patch to remediate a zero-day vulnerability in Internet Explorer that is actively being exploited in-the-wild. Today, August 18th, 2015, Microsoft released an emergency patch after being notified of a critical vulnerability in all supported versions of Internet Explorer. All versions of Microsoft Internet Explorer from IE7 to IE11 are affected by this zero-day vulnerability. […]
A report revealed that Microsoft could scan PCs running Windows 10 searching for pirated games and unauthorized hardware and disable them. One thing is certain, for better or for worse, we are talking a lot about the new Microsoft operating system Windows 10. The experts mainly expressed privacy concerns around the Windows 10 OS, they […]