US Government has published cybersecurity framework for critical infrastructure,  a “living document” to improve internal security. The US Government has issued a cybersecurity framework for critical infrastructure, the goal is to improve IT and SCADA networks deployed in sensitive industries such as energy, water and financial services. The NIST announced the Framework for Improving Critical Infrastructure Security, a document that proposed […]
Researcher Dana Taylor is warning on the existence of two critical vulnerabilities in Oracle servers in the wild since a long time. Two serious vulnerabilities affect Oracleâs older database packages, allowing an attacker to remotely access a server bypassing authentication mechanism. Exploiting the flaws the attackers can browse the filesystem of the server accessing any files. […]
Algerie Telecom TP-LINK TD-W8951ND Routers are vulnerable, they contain a critical vulnerability exploitable to gain unauthorized access and reveal user’s password. Also TP-LINK routers are vulnerable, this is the latest chapter in the saga of the vulnerabilities present in our routers after that a security researcher discovered serious flaw in CISCO, Linksys and Netgear, meanwhile […]
A security issue inside cookie-based storage mechanism of Ruby on Rails could expose thousand websites to cyber attacks. Ruby on Rails, “hit an open source web application framework to compromise a wide audience”, this is the thought of attackers that desire who want to hack the highest number of web sites. A security issue inside […]
Researcher Craig published an interesting blog post on “/dev/ttyS0” on the reverse engineering of the backdoor present in many D-Link devices. Today I decided to propose an interesting backdoor analysis published on the blog “/dev/ttyS0” specialized on the embedded device hacking. The researcher Craig demonstrated the presence of a backdoor within some DLink routers that allows an attacker to […]