The hacking world will change. Instead of hacking based on computer programming as today, the hacking will be based on chemistry, biology, and physics. In the medium term future, the hacking world will change. Instead of hacking based on computer programming as today, the hacking will be based on chemistry, biology and physics. This article […]
The security expert Ebrahim Hegazy has published an interesting post detailing his discovery of a new Magento Remote Code Execution Vulnerability. The popular hacker Ebrahim Hegazy (Aka Zigoo) has discovered a Remote Code Execution Vulnerability that affects the widely adopted application Magento. The experts was analyzing the Magento website whe he discovered the sub-domain http://lavender.dev.magento.com/ supposedly used […]
Adobe has released a critical update to fix a flaw in the Shockwave player that could be exploited to compromise hundreds of millions of machines. Adobe has released a critical update to fix a vulnerability in the Shockwave player (CVE-2015-7649) that could be exploited by threat actors to compromise hundreds of millions of machines. The […]
Free Web Hosting 000Webhost company hacked, data belonging to more than 13 Million customers have been leaked online by the attackers. Another company has suffered a major data breach, this time in the headlines there is the world’s most popular Free Web Hosting company 000Webhost. The 000Webhost data breach has exposed more than 13.5 Million […]
Security experts at Sucuri reported a number of attacks exploiting a critical SQL injection flaw recently disclosed in the Joomla Content Management System. A few days ago, security experts disclosed a critical SQL injection vulnerability in the Joomla Content Management System (CVE-2015-7858), but as expected, threat actors in the wild are exploiting it in attacks against websites […]
A group of experts has conducted a research that demonstrates the type of data that can be gathered through the forensic study of WhatsApp. A new research conducted by forensic researchers at the University of New Haven (F. Karpisek of Brno University of Technology in the Czech Republic, and Ibrahim Baggili and Frank Breitinger, co-directors of the Cyber […]
The Google Project Zero hacker James Forshaw assessed Windows 10 analyzing the big risks related with the new OS from Microsoft. James Forshaw, a member of the Google Project Zero hacking crew, was given the task to asses Windows 10, and see if there were big risks related with the new OS from Microsoft. Forshaw talked […]
How much cost a zero-day for an industrial control system? Where is to possible to buy them and who are the main buyers of these commodities? We have discussed several times about the importance of zero-day in cyber attacks against computer systems, the exploitation of previously unknown vulnerabilities is a prerogative of well-funded hacking groups such as state-sponsored crews. […]
Now that it is known a critical flaw in the Diffie-Hellman key-exchange protocol was exploited by the NSA to break the internet encryption, how to stop it? Recently a group of researchers has revealed how the NSA has cracked HTTPS, SSH, and VPNs rely on the Diffie-Hellman encryption by exploiting a wrong implementation of the cryptographic algorithm. The […]
Imperva has discovered that attackers hijack CCTV cameras to launch powerful DDoS attacks exploiting weak credentials and poor configurations of IoT devices. Internet of Things devices are becoming privilege targets of threat actors that daily abuse of their resources to run cyber attacks or to organize frauds or to spy on unaware users. Unfortunately, most IoT devices […]