Security Affairs Archives - Page 988 of 1047

Pierluigi Paganini March 08, 2018

Leaked NSA dump contains tools developed by NSA Territorial Dispute to track state-sponsored hackers

A specific NSA unit, dubbed NSA Territorial Dispute (TeDi) developed these scripts to monitor activities of nation-state actors. Security experts at CrySyS Lab and Ukatemi have revealed that the NSA dump leaked one year ago by the Shadow Brokers hacker group also contains a collection of scripts and scanning tools the NSA uses to track operations of foreign state-sponsored […]

Pierluigi Paganini March 07, 2018

Two PoC exploits for Memcached DDoS attacks have been released online

Memcached DDoS attacks – A few days after the disclosure of the World’s largest DDoS attack record that peaked a 1.7Tbps, two PoC exploits code for Memcached amplification attacks have been released online. The technique behind Memcached DDoS attacks, is one of the coolest topics in cybersecurity at this moment. World’s largest DDoS attack record lasted […]

Pierluigi Paganini March 07, 2018

For the second time in two weeks CDOT shut down computers after a ransomware infection

For the second time in two weeks, the computers at the Colorado Department of Transportation Agency shut down 2,000 computers after a ransomware infection. For the second time in a few days, a variant of the dreaded SamSam ransomware paralyzed the CDOT. The second incident occurred while the agency was still in the process of recovering its […]

Pierluigi Paganini March 07, 2018

RCE flaw in Exim MTA affects half of the email servers online

A critical RCE vulnerability in the Exim mail transfer agent (MTA), tracked as CVE-2018-6789, affects most of the email servers online. A critical remote code vulnerability in the Exim mail transfer agent (MTA), tracked as CVE-2018-6789, affects most of the email servers online. It has been estimated that as in March 2017, the total number of Internet’s email servers running Exim was over […]

Pierluigi Paganini March 07, 2018

Funny? Useful? Cool? Kali Linux natively on Windows 10

It’s funny, but it is true, the popular Kali Linux hacking distro is available for download on the official Microsoft App Store on Windows 10. Kali Linux is now natively available on Windows 10, without requiring dual boot or virtualization. Kali Linux isn’t the unique Linux distribution available on the Windows App Store, Windows users […]

Pierluigi Paganini March 06, 2018

ComboJack Malware alters Windows clipboards to steal cryptocurrencies and payments

Palo Alto Networks discovered a malware dubbed ComboJack that is able of detecting when users copy a cryptocurrency address and alter clipboards to steal cryptocurrencies and payments. Crooks continue to focus their interest in cryptocurrencies, security researchers at Palo Alto Networks have spotted a strain of malware dubbed ComboJack that is able of detecting when users […]

Pierluigi Paganini March 06, 2018

Facebook improves link security infrastructure by implementing HSTS Preloading

Facebook has implemented HSTS preloading that instructs a browser to always use SSL/TLS to communicate with eligible websites. Facebook has upgraded its link security infrastructure to include HTTP Strict Transport Security (HSTS) preloading that instructs a browser to always use SSL/TLS to communicate with eligible websites. Facebook and Instagram links will automatically update from HTTP […]

Pierluigi Paganini March 05, 2018

Critical flaw in Pivotal’s Spring Data REST allows to hack any machine that runs an application built on its components

A critical flaw in Pivotal’s Spring Data REST allows remote attackers to execute arbitrary commands on any machine that runs an application built using its components. Pivotal’s Spring Data REST project is affected by a critical vulnerability, tracked as CVE-2017-8046, that was discovered by security researchers at Semmle/lgtm. Pivotal’s Spring Framework a platform is widely used by […]

Pierluigi Paganini March 05, 2018

Applebee restaurants suffered payment card breach

RMH Franchise Holdings revealed on Friday afternoon that PoS systems at the Applebee ’s restaurants were infected with a PoS malware. Another week another data breach, RMH Franchise Holdings revealed last week that PoS systems at the Applebee’s restaurants were infected with malware. The PoS malware was used to collect names, payment card numbers, expiration dates, and […]

Pierluigi Paganini March 05, 2018

New attacks on 4G LTE networks can allow to spy on users and spoof emergency alerts

A group of researchers discovered a number of weaknesses in the 4G LTE networks that could be exploited by attackers to eavesdrop on phone calls and text messages, knock devices offline, track location, and spoof emergency alerts. A group of researchers from Purdue and the University of Iowa have discovered a number of vulnerabilities affecting the […]