The security researcher Fábio Castro discovered tens of thousands of Django apps that expose sensitive data because developers forget to disable the debug mode. Security researchers have discovered misconfigured Django applications that are exposing sensitive information, including passwords, API keys, or AWS access tokens. Django is a very popular high-level Python Web framework that allows rapid development of Python-based web applications. The […]
Cyber Defense Magazine March 2018 Edition has arrived. We hope you enjoy this month’s edition…packed with over 170 pages of excellent content. InfoSec Knowledge is Power. We have 6 years of eMagazines online with timeless content. Visit our online library by clicking here. Please tell your friends to subscribe – no strings, always free emagazines: FLIPBOOK http://www.cyberdefensemagazine.com/newsletters/march-2018/index.html PDF […]
According to an NBC report, the Grindr gay-dating app was affected by 2 security issues (now patched) that could expose the information of its more than 3 million daily users. Every day we read of a new data breach, in some cases, exposed data could have a severe impact on the victim. According to an NBC report, the Grindr […]
Security researchers at Cybereason recently discovered a credential-stealing malware dubbed Fauxpersky, that is masquerading as Kaspersky Antivirus and spreading via infected USB drives. Fauxpersky was written in AutoIT or AutoHotKey, which respectively are a freeware BASIC-like scripting language designed for automating the Windows GUI and general scripting and a free keyboard macro program to send keystrokes to […]
A ransomware infected systems at the Uttar Haryana Bijli Vitran Nigam power company in India, crooks demanded 10 million Rupees to get the data back. The Uttar Haryana Bijli Vitran Nigam power company in India was hacked last week, attackers breached into its computer systems and stole the billing data of their customers. The hackers demanded 10 million Rupees to […]
An international operation conducted by the Romanian National Police and the Italian National Police, with support from Europol, the Joint Cybercrime Action Taskforce (J-CAT), and Eurojust. led to the arrest of 20 individuals involved in a banking spear phishing scam. According to the investigators, the banking phishing scam allowed crooks to defrauded bank customers of €1 million […]
What are the advantages for adopting an SSL Certificates and why is it important to discover and analyze SSL Certificates online? Secure Socket Layer (SSL) has gained weight with the increasing concern of security for all sensitive data online. In fact, it is the only reliable source for secure business and data handling. The entire […]
The Drupal development team has fixed the drupalgeddon2 vulnerability that could be exploited by an attacker to take over a website. A few days ago, Drupal Security Team confirmed that a “highly critical” vulnerability, tracked as CVE-2018-7600, affects Drupal 7 and 8 core and announced the availability of security updates on March 28th. The vulnerability was discovered […]
This week Cisco patched three critical vulnerabilities affecting its operating system IOS XE, two of them are remote code execution flaws that could be exploited by an attacker to gain full control over vulnerable systems. Cisco March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication addressed 22 vulnerabilities, 3 of them rated as […]
According to a report from the Seattle Times, the dreaded WannaCry ransomware hit a Boeing production plant in Charleston, South Carolina on Wednesday. WannaCry is back, this time it infected some systems belonging to US aircraft manufacturer Boeing. According to a report from the Seattle Times, the dreaded ransomware hit a Boeing production plant in Charleston, South Carolina on […]