delete

DDoS Attacks on the Rise...

Hi all, DDoS attacks pose a serious threat to organisations. A recent report released by NEUSTAR confirmed that DDoS attacks continue to pose a legitimate threat as a dangerous weapon used to create chaos and hold organizations hostage. Out of the organisations NEUSTAR has surveyed, 79% report yearly revenues of more than $100 million, with $1 billion or more in annual revenue. It was revealed that slightly over 7 out of 10 of global brands and organizations reported a DDoS attack in 2015. Repeated attacks were reported from 82% of the attacked corporations. And out of...
delete

Hypervisor Wiretap Feature...

Hello everybody, Bitdefender recently discovered a real-time technique that can undo encrypted communications leaving no footprint that can be traced by anyone except extremely careful security auditors. This technique developed for research purposes has been dubbed TeLeScope. It proves that a third-party can eavesdrop on communications encrypted with the Transport Layer Security (TLS) protocol between an end-user and a virtualised instance of a server. This attack allows malicious Cloud provider to uncover the TLS keys used to encrypt communication sessions between...
delete

SS7 Attacks Getting Serious...

Hello all, Mobile networking experts at Positive Technologies security firm  showed a new attack method that uses the Signaling System No. 7 (SS7)  mobile telecommunications protocol to impersonate mobile users and receive messages intended for other people. They only used a cheap laptop running Linux and an SDK to interact with the SS7 protocol, for the proof-of-concept demonstration. Developed in 1975, SS7 allows telco operators to interconnect fixed line and/or mobile telephone networks. It was never updated properly and is outdated. Ever since 2014, security experts...
delete

Old SAP Software Vulnerability Exploited...

Hello everybody, A security vulnerability in SAP business software that has been there since 2010 was exploited by hackers recently. The US Computer Emergency Response Team (US-CERT) says that at least 36 enterprises are at risk of attack if their SAP is outdated or misconfigured. This problem was discovered by a firm called Onassis. A company within the top-10 highest annually grossing global enterprise is also said to be at risk. Over a dozen of the affected companies generate over $10bn in annual revenue. Onapsis didn’t name the affected firms but said they were...
delete

Trade Your Password For A Chocolate, Wil...

Hi guys! A large study with 1,208 participants was conducted by the Université du Luxembourg which revealed that social engineering attacks are more successful with a little chocolate as a gift. The study was co-authored by Dr André Melzer who describes in the paper: “When someone does something nice for us, we automatically feel obliged to return the favour. This principle is universal and important for the way we function as a society. However, this internal pressure can also be exploited to achieve certain purposes, such as encouraging someone to divulge a...
delete

Oh oh! Vulnerabilities found in the Mr R...

Hello guys, leet white hat hacker going by the name Zemnmez discovered a security flaw in Mr Robot new website- the hit USA Network show. shortly after a quick note to Mr Robot writer Sam Esmail, the vulnerability was patched. On the day Mr Robot kicked off a promo campaign for the second series, the Cross-site scripting flaw was discovered. The launch included a clip of President Obama apparently condemning a ( fictional) destructive attack on the US financial system at the end of the first series, and a website, whoismrrobot.com mimicking a mix of Linux command line...
delete

Banking Trojan Taking Over Android Devic...

Hi guys, Android users are affected by Hundreds of different banking Trojans. One of them are the Android.SmsSpy.88.origin, which was first spotted in 2014 but according to Doctor Web researchers the popularity rating is still high. The Trojan has been improved with ransomware functions. Originally it was designed to intercept text messages, make phone calls, and steal credit card information as well as login credentials from online banking programmes. The researchers said, “The Trojan is distributed under the guise of a benign application, for example, Adobe Flash...
delete

Competition In The Hacker World...

Hey folks! The darknet site “Besa Mafia,” was attacked by a hacker called “bRpsd”  and information about its users, hit orders, and personal messages for the world (and law enforcement) was leaked. Largely connected to the Albanian Mafia, Besa Mafia is a ‘hitman-for-hire’ website which uses DeepWeb security and Bitcoin to stay behind the curtain, but that didn’t stop a hacker breaking into the site and posting its information. BatBlue reports, was some of the leaked data which contained 250 user accounts, 38 hit orders, over 2,000 personal messages...
delete

Are You Vulnerable to the “Forbidden A...

Hello guys, An international team of researchers discovered that Dozens of VISA financial services websites are vulnerable to attacks where malicious code can be injected and content can be forged into the browsers of visitors. An exploit that’s a decade old and been dubbed the “forbidden attack”  existed in 184 servers that belonged to the German stock exchange Deutsche Börse and Polish banking association Zwizek Banków Polskich. From an internet-wide scan performed in January it has been shown that apart from those, another 70,000 webservers were at risk but...
delete

Cyber Fraud Incidents Targeting SWIFT Sy...

Hi guys, The Philippine governor said that its central bank has attempted to foil hacker attackers on its website. The global financial network SWIFT recently warned multiple cyber fraud incidents targeting its system. The SWIFT disclosure was followed by the investigation by the law enforcement authorities in Bangladesh and elsewhere on the February cyber theft of $81 million from the Bangladesh central bank account at the New York Federal Reserve Bank. The governor said that the hacking only involved its website and that it has been updating its cyber security systems...

« Previous Entries Next Entries »