Yearly Archives: 2013
eBay XSRF flaw allows attacker to make unauthorized purchases
10:30 ET, 30 December 2013 EBay website is vulnerable to XSRF (Cross-site request forgery) attack that would allow an attacker to hijack an account and make unauthorized purchases. A new […]
The value of stolen card data that includes localization info
9:30 ET, 27 December 2013 The hackers behind Target data breach are selling stolen card data including localization info. Why? In numerous posts I have highlighted the possibility to acquire […]
Hackers have compromised a misconfigured cloud server in less than 4h
9:30 ET, 26 December 2013 CloudPassage organized an exercise to demonstrated how it is simple the live server exploitation of cloud environments poorly configured. Cloud computing is considerable one of […]
RSA refused claims on NSA Relationship and encryption backdoor
11:30 ET, 24 December 2013 RSA published a blog post to deny the accusation about secret partnership with the National Security Agency and the use of flawed algorithm in its […]
NSA paid 10M$ to RSA to insert an encryption backdoor in its solution
14:00 ET, 23 December 2013 Last revelation based on the documents leaked by Edward Snowden is related to the allegedly encryption backdoor inserted by RSA in the BSafe software. Is […]
Target retailer investigating data breach involving 40M card accounts
9:30 ET, 20 December 2013 US retailer Target is investigating a data breach potentially involving millions of customer credit and debit card data occurred during holiday shopping. Nearly 40 Million […]
Website traffic report shows an increase of malicious bots activity
10:00 ET, 19 December 2013 Incapula security firm published a new report on the analysis of website traffic evidencing the increment for malicious activities. Researchers at the Incapsula security firm […]
Safari browser stores in plain text previous secure session data
12;00 ET, 18 December 2013 Researchers at Kaspersky Lab discovered Apple Safari browser stores previous secure session data unencrypted in a hidden folder. Apple’s Safari browser stores session information including […]
Cyber security, Questions and Answers with the expert
11:00 ET, 17 December 2013 Interview with the security experts Andrey Komarov and Dan Clements of IntelCrawler to analyze significant evolutions in the cyber-threat landscape. Today I desire to […]
NSA and GCHQ infiltrated virtual online gaming communities
10:00 ET, 16 December 2013 The Guardian published documents that reveal NSA and GCHQ infiltrate gaming platforms and communities including World of Warcraft and Second Life NSA and British GCHQ are […]
Detected 64 bit ZeuS banking trojan using Tor network
10:00 ET, 13 December 2013 Security researchers at Kaspersky Lab have detected a 64-bit Zeus banking trojan version enhanced with communication capability on the Tor network. Is Zeus banking trojan […]
Near East – new heaven for bulletproof hosting providers, first effects of cyberwar
9:30 ET, 12 December 2013 Intelligence experts at IntelCrawler discovered a Russian-speaking group offers bulletproof hosting in Syria, Lebanon … Countries that represent the new heaven for cybercriminals IntelCrawler: […]
Chinese Hackers Spying on European Diplomats
10:00 ET, 11 December 2013 Security experts at FireEye discovered a cyber espionage operation conducted by Chinese hackers on the computer at the foreign ministries of the Czech Republic, Portugal, Bulgaria, Latvia and Hungary. Security […]
French Government ANSSI responsible of a MITM against Google SSL-TLS
9:30 ET, 10 December 2013 Google discovered the unauthorized use of digital certificates issued by an intermediate certificate authority linked to ANSSI for several Google domains. Google has revealed that […]
Microsoft, Europol, FBI and partners decapitated ZeroAccess botnet
10:00 ET, 9 December 2013 Microsoft Digital Crimes Unit, FBI, Europol and industry partners decapitated the feared ZeroAccess botnet that hijacks search results Microsoft this week has announced that thanks […]
D-Link upgrades its firmware to fix backdoor presence
9:30 ET, 5 December 2013 D-Link company has recently released a new version of firmware to fix backdoor vulnerability in various network device models. Last October the security expert Craig Heffner […]
Potentially Unwanted Programs secretly serve Bitcoin miner
11:30 ET, 4 December 2013 Security experts at Malwarebytes discovered Potentially Unwanted Programs like Toolbars and Search Agents that installed Bitcoin miners on user’s PC The value of the Bitcoin […]
Israel and Saudi Arabia are plotting a cyber weapon worse than Stuxnet
10:00 ET, 3 December 2013 Iranian report states that Israel and Saudi Arabia are plotting new computer cyber weapon to sabotage the Iranian nuclear program like happened with Stuxnet. Saudi […]
MS Windows XP CVE-2013-5065 Eleventh zero-day flaw found by FireEye
9:30 ET, 2 December 2013 FireEye Security Experts discovered Microsoft Windows XP and Server 2003 privilege escalation zero-day exploit Security experts at FireEye have discovered a new zero-day, a privilege escalation vulnerability in Windows XP and […]
Internet of Things – Symantec has discovered a new Linux worm
29 November 2013 Symantec security experts have discovered a new Linux worm that was designed to target the “Internet of things” infecting Intel x86-powered Linux devices. Symantec security experts have […]
Cyberespionage – Chinese Hackers targeting US Cloud service providers
9:00 ET, 28 November 2013 U.S.-China Economic and Security Review Commission reported for the first time that cloud computing “represents a potential espionage threat.” U.S.-China Economic and Security Review Commission […]
Mobile apps security study conducted by HP Fortify
12:30 ET, 27 November 2013 A study conducted by company’s enterprise security arm HP Fortify revealed that the majority of mobile apps based on iOS is vulnerable. The company’s enterprise […]
NSA compromised more than 50000 networks with malware
9:30 ET, 26 November 2013 A new report based on documents leaked by Snowden revealed that the NSA placed malicious software on more than 50000 networks around the world. The […]
Hacking Google Gmail accounts exploiting password reset system flaw
9:30 ET, 25 November 2013 Security researcher Oren Hafif demonstrated how to hack a Google Gmail account exploiting a serious flaw in the password reset process. A serious vulnerability in […]
British blogger discovered LG Smart TV spying on users
17:30 ET, 22 November 2013 British blogger revealed that his LG Smart TV collects and sends details about the owners’ viewing habits even if the users have activated a privacy […]
Why Nigerian Banks Will Keep Losing Money to e-Fraud
10:30 ET, 21 November 2013 The recent loss of money recorded by the Central Bank of Nigeria (CBN) has not only given researchers a case study but has shown that […]
Jeremy Hammond on state-sponsored hacktivism
9:30 ET, 20 November 2013 Jeremy Hammond was sentenced to 10 years in federal prison, during the process he declared that FBI directed my attacks of Anonymous on foreign governments. […]
A new modular malware platform sold on the underground
8:30 ET, 19 November 2013 Security researcher Dancho Danchev profiled a new commercially modular malware platform recently released on the underground marketplace. A new commercially modular malware platform has been […]
Discovered Open URL Redirection flaw in Facebook
9:30 ET, 18 November 2013 Researcher Dan Melamed recently discovered an open url redirection flaw in Facebook that allowed to have a facebook.com link redirect to any website. A Facebook […]
GCHQ used fake LinkedIn and Slashdot to hack GRX providers and OPEC
18:00 ET, 15 November 2013 The GCHQ (British Government Communications Headquarters) used fake LinkedIn and Slashdot to hack Belgacom, OPEC & others GRX providers. According to the German weekly news […]