Monthly Archives: December 2013
eBay XSRF flaw allows attacker to make unauthorized purchases
10:30 ET, 30 December 2013 EBay website is vulnerable to XSRF (Cross-site request forgery) attack that would allow an attacker to hijack an account and make unauthorized purchases. A new […]
The value of stolen card data that includes localization info
9:30 ET, 27 December 2013 The hackers behind Target data breach are selling stolen card data including localization info. Why? In numerous posts I have highlighted the possibility to acquire […]
Hackers have compromised a misconfigured cloud server in less than 4h
9:30 ET, 26 December 2013 CloudPassage organized an exercise to demonstrated how it is simple the live server exploitation of cloud environments poorly configured. Cloud computing is considerable one of […]
RSA refused claims on NSA Relationship and encryption backdoor
11:30 ET, 24 December 2013 RSA published a blog post to deny the accusation about secret partnership with the National Security Agency and the use of flawed algorithm in its […]
NSA paid 10M$ to RSA to insert an encryption backdoor in its solution
14:00 ET, 23 December 2013 Last revelation based on the documents leaked by Edward Snowden is related to the allegedly encryption backdoor inserted by RSA in the BSafe software. Is […]
Target retailer investigating data breach involving 40M card accounts
9:30 ET, 20 December 2013 US retailer Target is investigating a data breach potentially involving millions of customer credit and debit card data occurred during holiday shopping. Nearly 40 Million […]
Website traffic report shows an increase of malicious bots activity
10:00 ET, 19 December 2013 Incapula security firm published a new report on the analysis of website traffic evidencing the increment for malicious activities. Researchers at the Incapsula security firm […]
Safari browser stores in plain text previous secure session data
12;00 ET, 18 December 2013 Researchers at Kaspersky Lab discovered Apple Safari browser stores previous secure session data unencrypted in a hidden folder. Apple’s Safari browser stores session information including […]
Cyber security, Questions and Answers with the expert
11:00 ET, 17 December 2013 Interview with the security experts Andrey Komarov and Dan Clements of IntelCrawler to analyze significant evolutions in the cyber-threat landscape. Today I desire to […]
NSA and GCHQ infiltrated virtual online gaming communities
10:00 ET, 16 December 2013 The Guardian published documents that reveal NSA and GCHQ infiltrate gaming platforms and communities including World of Warcraft and Second Life NSA and British GCHQ are […]
Detected 64 bit ZeuS banking trojan using Tor network
10:00 ET, 13 December 2013 Security researchers at Kaspersky Lab have detected a 64-bit Zeus banking trojan version enhanced with communication capability on the Tor network. Is Zeus banking trojan […]
Near East – new heaven for bulletproof hosting providers, first effects of cyberwar
9:30 ET, 12 December 2013 Intelligence experts at IntelCrawler discovered a Russian-speaking group offers bulletproof hosting in Syria, Lebanon … Countries that represent the new heaven for cybercriminals IntelCrawler: […]
Chinese Hackers Spying on European Diplomats
10:00 ET, 11 December 2013 Security experts at FireEye discovered a cyber espionage operation conducted by Chinese hackers on the computer at the foreign ministries of the Czech Republic, Portugal, Bulgaria, Latvia and Hungary. Security […]
French Government ANSSI responsible of a MITM against Google SSL-TLS
9:30 ET, 10 December 2013 Google discovered the unauthorized use of digital certificates issued by an intermediate certificate authority linked to ANSSI for several Google domains. Google has revealed that […]
Microsoft, Europol, FBI and partners decapitated ZeroAccess botnet
10:00 ET, 9 December 2013 Microsoft Digital Crimes Unit, FBI, Europol and industry partners decapitated the feared ZeroAccess botnet that hijacks search results Microsoft this week has announced that thanks […]
D-Link upgrades its firmware to fix backdoor presence
9:30 ET, 5 December 2013 D-Link company has recently released a new version of firmware to fix backdoor vulnerability in various network device models. Last October the security expert Craig Heffner […]
Potentially Unwanted Programs secretly serve Bitcoin miner
11:30 ET, 4 December 2013 Security experts at Malwarebytes discovered Potentially Unwanted Programs like Toolbars and Search Agents that installed Bitcoin miners on user’s PC The value of the Bitcoin […]
Israel and Saudi Arabia are plotting a cyber weapon worse than Stuxnet
10:00 ET, 3 December 2013 Iranian report states that Israel and Saudi Arabia are plotting new computer cyber weapon to sabotage the Iranian nuclear program like happened with Stuxnet. Saudi […]
MS Windows XP CVE-2013-5065 Eleventh zero-day flaw found by FireEye
9:30 ET, 2 December 2013 FireEye Security Experts discovered Microsoft Windows XP and Server 2003 privilege escalation zero-day exploit Security experts at FireEye have discovered a new zero-day, a privilege escalation vulnerability in Windows XP and […]