That lock was supposed to be ‘smart’...

Hi folks, Did you know that Samsung’s ‘Smart’ Home was found to have flaws that allow hackers unlock doors and set off fire alarms? Internet-connected door lock with a PIN that can be programmed from your smartphone for your “smart home” suddenly seems like a dumb idea. A group of researchers at the University of Michigan and Microsoft have published a paper called the first in-depth security analysis of one such “smart home” platform that allows anyone to control their home appliances from light bulbs to locks with a PC or smartphone. They are planning to...

Ransomware Targeting Manufacturers Now...

Hi guys, Last year several healthcare organizations were hit by ransomware. But now according to research conducted by Fortinet, Manufacturing will be the next industry targeted. During the time period between the 1st of October 2015 and 30th of April 2016, Fortinet monitored network traffic for 59 medium to large manufacturers in 9 countries across the Americas, EMEA, and APAC. During those seven months,  8.63 million attempted attacks were recorded on those 59 manufacturers. And 78% of this malicious activity was targeted at large manufacturers with 1000 or more...

Waking Up To Facebook Messages You Did N...

Hello all, Most of us are on Facebook and it’s comforting to know they respond to vulnerabilities very fast. Check Point Security team discovered a vulnerability in Facebook Online chat and messenger App. This allows a malicious user to change a conversation thread and modify or remove any sent message, photo, file and link. The Facebook security team has immediately responded when the vulnerability was disclosed. This type of vulnerability can cause a lot of damage and have a severe impact especially because people use social media like Facebook for their daily...

Rumors about Dropbox Breach...

Hello everybody! LifeLock and other identity theft protection firms accidentally alerted their customers about a breach at Dropbox.com. However, DropBox wasn’t the site breached, it was the social network site Tumblr. It was revealed recently that over half billion usernames and passwords were stolen from Tumblr, MySpace and LinkedIn. These credentials from the social media sites were stolen years ago but the full extent of the breach was made clear recently. The false positive alerts sent by LifeLock has been received by a third party threat intelligence service,...

VK.com Experienced a Massive Data Breach...

Hello everybody, The same hacker who previously sold data dumps from MySpace, LinkedIn, Tumblr, and Fling.com has claimed to have stolen 100,544,934 records from VK.com, a Russian-based social network. A hacker named Peace (or Peace_of_mind) has tried to sell this entire dataset for 1 Bitcoin (~$570) and is available for sale on The Real Deal Dark Web marketplace. LeakedSource, Data breach search engine service has got this data from someone who bought it. The dataset has been analyzed and added to its service. Users can use their search engine and see if their data...

Belgian Police Talks About Facebook Reac...

Hey folks! Facebook launched six new ways of reacting to a post in February which was partly a way of answering to the calls for a ‘ Dislike button’. The Belgian police now say that the site is collecting information about people to help them in advertising and so it could be a problem to user privacy. “The icons help not only express your feelings, they also help Facebook assess the effectiveness of the ads on your profile,” a post on Belgian’s official police website reads. “By limiting the number of icons to six, Facebook is counting on you to express your...

DDoS Attacks on the Rise...

Hi all, DDoS attacks pose a serious threat to organisations. A recent report released by NEUSTAR confirmed that DDoS attacks continue to pose a legitimate threat as a dangerous weapon used to create chaos and hold organizations hostage. Out of the organisations NEUSTAR has surveyed, 79% report yearly revenues of more than $100 million, with $1 billion or more in annual revenue. It was revealed that slightly over 7 out of 10 of global brands and organizations reported a DDoS attack in 2015. Repeated attacks were reported from 82% of the attacked corporations. And out of...

Hypervisor Wiretap Feature...

Hello everybody, Bitdefender recently discovered a real-time technique that can undo encrypted communications leaving no footprint that can be traced by anyone except extremely careful security auditors. This technique developed for research purposes has been dubbed TeLeScope. It proves that a third-party can eavesdrop on communications encrypted with the Transport Layer Security (TLS) protocol between an end-user and a virtualised instance of a server. This attack allows malicious Cloud provider to uncover the TLS keys used to encrypt communication sessions between...

SS7 Attacks Getting Serious...

Hello all, Mobile networking experts at Positive Technologies security firm  showed a new attack method that uses the Signaling System No. 7 (SS7)  mobile telecommunications protocol to impersonate mobile users and receive messages intended for other people. They only used a cheap laptop running Linux and an SDK to interact with the SS7 protocol, for the proof-of-concept demonstration. Developed in 1975, SS7 allows telco operators to interconnect fixed line and/or mobile telephone networks. It was never updated properly and is outdated. Ever since 2014, security experts...

Old SAP Software Vulnerability Exploited...

Hello everybody, A security vulnerability in SAP business software that has been there since 2010 was exploited by hackers recently. The US Computer Emergency Response Team (US-CERT) says that at least 36 enterprises are at risk of attack if their SAP is outdated or misconfigured. This problem was discovered by a firm called Onassis. A company within the top-10 highest annually grossing global enterprise is also said to be at risk. Over a dozen of the affected companies generate over $10bn in annual revenue. Onapsis didn’t name the affected firms but said they were...

« Previous Entries Next Entries »