Researchers at Qualys revealed that POODLE is likely to hit some of the most popular websites because the flaw also affects implementations of newer TLS. POODLE (Padding Oracle On Downgraded Legacy Encryption) is a critical vulnerability affecting SSL that was discovered in October 2014. The researchers at Google that discovered it, explained that the POODLE flaw is related […]
The security expert David Longenecker discovered that the update process for ASUS Wireless Routers RT Series is vulnerable to Man-in-the-Middle attacks. The security expert David Longenecker discovered that ASUS Wireless Routers RT Series are vulnerable to Man-in-the-Middle attacks. The researcher explained that that the routers download updates via HTTP without an encryption protocols as explained in the blog post by Longenecker. […]
A report confirms that China is collecting private data of more that 100 million Apple iCloud users resident in the country with a man-in-the-middle attack. The Chinese Government has launched a new hacking campaign that is targeting Apple iCloud users in the country, the news was reported by the censorship watchdog GreatFire.org is a blog post. […]
Researcher explains that vulnerable code re-use of zero-day in Android’s CyanogenMod exposes million users to Man-In-The-Middle attacks. Security experts always discourage jailbreaking and rooting of mobile devices due to the risk related to the installation of not authorized applications that could hide malware and serious bugs. At the Ruxcon Security Conference in Australia, an unnamed security […]
The POODLE against SSL 3.0. A new attack on SSL is threatening the Internet again, it allows bad actors to decrypt traffic over secure channels. Another critical flaw affects one of the protocols most used to secure Internet traffic, Secure Sockets Layer (SSL) and attacker could exploit the attack dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption) to run a […]
Security experts at Lacoon Mobile Security detected a malicious app dubbed Windseeker which uses rare injection and hooking techniques to spy on users. Windseeker is a malicious Android app which attracted experts at Lacoon Mobile Security, the principal characteristics of the app are its injection and hooking techniques used to spy on mobile users. The techniques are rare […]
Using the proper surveillance systems available on the market it is easy and quick to track cellphone and the movements of targets everywhere on the globe. We recently discussed the decision of Wikileaks to publish copies of the criticized surveillance software FinFisher, highlighting the dangers for the militarization of the cyberspace and in particular for […]
Routers manufactured by Netcore and sold worldwide under Netis brand have a wide-open backdoor that can be fairly easily exploited by threat actors. Experts at TrendMicro discovered that routers manufactured by Chinese security vendor and sold under the brand name Netcore in China have a hard-coded password. The hard-coded password allows attackers to access user’s traffic with a backdoor, […]
A very sophisticated phishing campaign has been discovered by Malcovery Security, it targets French-speaking computer users to steal banking credentials. Phishing is a very prolific business for cybercrime, bad actors are adopting even more sophisticated techniques like the one discovered recently which hit French-speaking computer users, in an attempt to steal their online banking credentials. The […]
Joxean Koret, a security researcher at Singapore-based consultancy COSEINC, has publicly revealed a series of flaws which affect major antivirus engines. The security researcher at Singapore-based consultancy COSEINC, Joxean Koret, has discovered different flaws in 14 of 17 major antivirus engines. The researcher has presented the results of his study (PDF) at the recent SyScan 360 security conference in […]