FireEye Security Experts discovered Microsoft Windows XP and Server 2003 privilege escalation zero-day exploit Security experts at FireEye have discovered a new zero-day, a privilege escalation vulnerability in Windows XP and Windows Server 2003. It’s is the eleventh vulnerability discovered by FireEye this year, really a great job for the researchers of the young company. The last zero-day flaw is coded […]
Bogdan Alecu, a system administrator at Dutch IT services company Levi9, discovered that Google Nexus phones are vulnerable to SMS-based DOS attack. The popular family of Smartphones Google Nexus is vulnerable to SMS-based DOS attack that could cause the handset freeze and other anomalous behaviors. Bogdan Alecu, a system administrator at Dutch IT services company Levi9, discovered […]
The U.S. Government was sentenced for $50 Million because it has used of pirated copies of Military Software designed by Apptricity company. The software piracy is not a prerogative of commercial software, illegal copies of military software have been used for years by U.S. Forces. The software used by U.S. military appears to be pirated […]
Symantec security experts have discovered a new Linux worm that was designed to target the âInternet of thingsâ infecting Intel x86-powered Linux devices. Symantec security experts have detected across a worm that exploits various vulnerabilities in PHP to infect Intel x86-powered Linux devices. Home internet kits with x86 chips are exposed to the risk of […]
A security issue inside cookie-based storage mechanism of Ruby on Rails could expose thousand websites to cyber attacks. Ruby on Rails, “hit an open source web application framework to compromise a wide audience”, this is the thought of attackers that desire who want to hack the highest number of web sites. A security issue inside […]
Atrax, yet another commercial crimekit on the black market, a malware able to exploit Tor and that implements numerous features including Bitcoin mining. Atrax is the name of the last crimekit that is sold in the underground market, its particularity is the capability to exploit Tor networks to communicate with Command & Control infrastructure. Jonas […]
Due to the constant growth in the number of cyber attacks it is necessary to properly define the actions composing an incident response plan. FireEye firm published an interesting post on the need of incident response (IR) capabilities to reply numerous cyber attacks that daily hit almost any web service. Starting from the data proposed […]
U.S.-China Economic and Security Review Commission reported for the first time that cloud computing ârepresents a potential espionage threat.â U.S.-China Economic and Security Review Commission reported for the first time that cloud computing ârepresents a potential espionage threat.â , Chinese hackers are a persistent collector of sensitive information, their action is incessant and represent a […]
A study conducted by company’s enterprise security arm HP Fortify revealed that the majority of mobile apps based on iOS is vulnerable. The company’s enterprise security arm HP Fortify conducted a series of tests on mobile apps that produced concerning results, almost every app is vulnerable. Mike Armistead, vice president and general manager, Enterprise Security […]
Security experts Stewart from Dell SecureWorks and independent researcher David Shearhave explored online underground marketplace for stolen data. Digital identity is one of the most attractive goods sold in the underground, to a growing demand coincided with a more structured supply that will satisfy even the most complex requirements. Cybercrime pays and in the majority […]