Post

Visualizzazione dei post da novembre, 2015

Hacker holds UAE bank to ransom, demands $3m

http://gulfnews.com/xpress/dubai/courts-crime/hacker-holds-uae-bank-to-ransom-demands-3m-1.1626394

Can't get a break: Pwned Linux ransomware pwned again, infects 3000

http://www.theregister.co.uk/2015/12/01/cant_get_a_break_pwned_linux_ransomware_pwned_again_infects_3000/

Belkin's N150 router is perfect for learning hacking skills – wait, what, it's in production?

http://www.theregister.co.uk/2015/12/01/hole_in_belkin_home_router/

Cisco's telco-grade uber-routers can make almost anyone root

http://www.theregister.co.uk/2015/12/01/cisco_asr_1000s_get_root_vuln_patch/

Millions of Internet Things are “secured” by the same “private” keys |

http://nakedsecurity.sophos.com/2015/11/30/millions-of-internet-things-are-secured-by-the-same-private-keys/

How Corporate America keeps huge hacks secret November 30

http://money.cnn.com/2015/11/30/technology/secret-deals-hacked-companies/index.html?iid=SF_LN

VPN users menaced by port forwarding blunder • The Register

http://www.theregister.co.uk/2015/11/30/port_fail_vpn/

Port Fail: Vulnerability reveals real IP | Perfect Privacy

https://www.perfect-privacy.com/blog/2015/11/26/ip-leak-vulnerability-affecting-vpn-providers-with-port-forwarding/

Cops arrest 2 for operating “Fully UnDetectable” malware service |

https://nakedsecurity.sophos.com/2015/11/30/cops-arrest-2-for-operating-fully-undetectable-malware-service/

Just in time for Xmas: Extra stealthy Point of Sale malware • The Register

http://www.theregister.co.uk/2015/11/30/pro_pos_malware/

Nota senza titolo

http://www.theregister.co.uk/2015/11/27/malvertisers_spray_readers_digest_stinky_feet_with_exploit_kit/

Nota senza titolo

http://www.theregister.co.uk/2015/11/27/nine_percent_of_encrypted_traffic_open_to_hijack_from_shared_keys/

Mr Grey, the Russian hacker who helped haul in 1.2 billion logins • The Register

http://www.theregister.co.uk/2015/11/27/mr_grey_the_russian_hacker_who_helped_haul_in_12_billion_logins/

Researcher reveals Chinese e-crime shopping list • The Register

http://www.theregister.co.uk/2015/11/26/trend_micro_china_protype_nation/

Dell apologizes for HTTPS certificate fiasco, provides removal tool | Ars Technica

http://arstechnica.com/security/2015/11/dell-apologizes-for-https-certificate-fiasco-provides-removal-tool/

Lazy IoT, router makers reuse skeleton keys over and over in thousands of devices – new study • The Register

http://www.theregister.co.uk/2015/11/26/lazy_iot_skeleton_keys/

Hacker predicts AMEX card numbers, bypasses chip and PIN • The Register

http://www.theregister.co.uk/2015/11/25/kamkar_credit_card/

Nota senza titolo

http://www.bbc.co.uk/news/technology-34920557

Nota senza titolo

http://www.bbc.co.uk/news/technology-34920197

Nota senza titolo

http://www.bbc.co.uk/news/technology-34910649

Pen tester sounds alert over 'gaping' flaws in Brit alarm platform

http://www.theregister.co.uk/2015/11/24/dualcom_cameras_vulnerability/

Superfish 2.0 worsens: Dell's dodgy security certificate is an unkillable zombie

http://www.theregister.co.uk/2015/11/23/dell_security_nightmare_gets_worse/

British duo arrested for running malware encryption service

http://www.theregister.co.uk/2015/11/24/refudme_anti_antivirus/

World's most complex cash register malware plunders millions in US

http://www.theregister.co.uk/2015/11/24/modpos_point_of_sale_malware/

Dell does a Superfish, ships PCs with easily cloneable root certificates | Ars Technica

http://arstechnica.com/security/2015/11/dell-does-superfish-ships-pcs-with-self-signed-root-certificates/

Superfish 2.0: Dell ships laptops, PCs with gaping internet security hole • The Register

http://www.theregister.co.uk/2015/11/23/dude_youre_getting_pwned/

United Airlines Bug Bounty: An experience in reporting a serious vulnerability - Randy Westergren

http://randywestergren.com/united-airlines-bug-bounty-an-experience-in-reporting-a-serious-vulnerability/

Criminal Ruskie BOFHs help hackers steal $790 million in three years • The Register

http://www.theregister.co.uk/2015/11/23/790_million_russian_financial_cybercrime/

Android adware can install itself even when users explicitly reject it | Ars Technica

http://arstechnica.com/security/2015/11/android-adware-can-install-itself-even-when-users-explicitly-reject-it/

Criminal are mostly hacking-by-numbers with exploit kits • The Register

http://www.theregister.co.uk/2015/11/19/exploit_kits_up_75percent_infoblox/

Hacking group Strontium dogs NATO and government targets • The Register

http://www.theregister.co.uk/2015/11/18/hacking_group_strontium_dogs_nato_and_government_targets/

Vicious Chrome V8 JavaScript Exploit Leaves All Android Devices Ripe For Attack | HotHardware

http://hothardware.com/news/vicious-chrome-javascript-v8-exploit-leaves-all-android-devices-ripe-for-attack

Botnet that enslaved 770,000 PCs worldwide comes crashing down

http://arstechnica.com/security/2015/04/botnet-that-enslaved-770000-pcs-worldwide-comes-crashing-down/

Badware in the firmware all over the place

http://www.theregister.co.uk/2015/11/16/badware_in_the_firmware_all_over_the_place/

Target stores attacked by pornographic pranksters - BBC News

http://www.bbc.com/news/technology-34556644

Ransomware-as-a-service surfaces, wants 10 percent profit cut

http://www.theregister.co.uk/2015/11/13/ransomwareasaservice_surfaces_wants_10_percent_profit_cut/

FastMail falls over as web service extortionists widen attacks and up their prices • The Register

http://www.theregister.co.uk/2015/11/11/fastmail_web_service_extortion/

Naked Security

https://nakedsecurity.sophos.com/2015/11/11/three-indicted-for-massive-hack-and-fraud-scheme-that-targeted-jpmorgan/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

Latest Android phones hijacked with tidy one-stop-Chrome-pop • The Register

http://www.theregister.co.uk/2015/11/12/mobile_pwn2own/

Booming crypto ransomware industry employs new tricks to befuddle victims | Ars Technica

http://arstechnica.com/security/2015/11/booming-crypto-ransomware-industry-employs-new-tricks-to-befuddle-victims/

XOR DDoS Botnet Launching 20 Attacks a Day From Compromised Linux Machines | Akamai

https://www.akamai.com/us/en/about/news/press/2015-press/xor-ddos-botnet-attacking-linux-machines.jsp

Severe SAP HANA vulnerabilities allow hackers to take full control | ZDNet

http://www.economist.com/news/briefing/21677228-technology-behind-bitcoin-lets-people-who-do-not-know-or-trust-each-other-build-dependable

Packet floods can bork Borg's security kit

http://www.theregister.co.uk/2015/11/10/packet_floods_can_bork_borgs_security_kit/

Comodo kills 'forbidden' certs

http://www.theregister.co.uk/2015/11/10/comodo_kills_forbidden_certs/

Severe SAP HANA vulnerabilities allow hackers to take full control | ZDNet

http://www.zdnet.com/article/severe-sap-hana-vulnerabilities-allow-hackers-to-take-full-control/

The Economist spreading malware

http://www.economist.com/help/pagefair

Epic Fail: Power Worm Ransomware Accidentally Destroys Victim's Data During Encryption - Softpedia

http://news.softpedia.com/news/epic-fail-power-worm-ransomware-accidentally-destroys-victim-s-data-during-encryption-495833.shtml

What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability. |

http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

Naked Security

https://nakedsecurity.sophos.com/2015/11/06/encrypted-email-provider-protonmail-caves-in-to-extortion-hands-over-6000/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

ProtonMail: encrypted email provider held ransom by hackers | Technology | The Guardian

http://www.theguardian.com/technology/2015/nov/05/protonmail-service-held-ransom-by-hackers?CMP=twt_gu

ProtonMail still under attack by DDoS bombardment • The Register

http://www.theregister.co.uk/2015/11/05/protonmail_ddos_attack/

An Analysis of Reshipping Mule Scams | Bentham's Gaze

https://www.benthamsgaze.org/2015/10/27/an-analysis-of-reshipping-mule-scams/

Stuxnet-style code signing of malware becomes darknet cottage industry

http://www.theregister.co.uk/2015/11/04/code_signing_malware/

US, UK big banks to simulate mega-hacker cyber-attack

http://www.theregister.co.uk/2015/11/05/banks_to_face_cyber_security_test_this_month/

Want Some Nuclear Power Plant 'Zero-Day' Vulnerabilities? Yours For Just $8, 000 - Forbes

http://www.forbes.com/sites/thomasbrewster/2015/10/21/scada-zero-day-exploit-sales/

CSC, NetCracker IT staff worked on US military telecoms 'without govt security clearance' • The Register

http://www.theregister.co.uk/2015/11/02/netcracker_csc_dod_settlement/

Medical device password

https://twitter.com/XSSniper/status/661201580738260992

Vaticano: violati i file riservati di un computer, sospetti sui «corvi»

http://roma.corriere.it/notizie/cronaca/15_ottobre_31/vaticano-violati-file-riservati-computer-sospetti-corvi-d45fb7aa-7f9e-11e5-8b57-f1b8d18d1f0e.shtml

Researchers Find Vulnerabilities in Use of Certificates for Web Security

http://cmns.umd.edu/news-events/features/3304

Three quarters of cars stolen in France 'electronically hacked' - Telegraph

http://www.telegraph.co.uk/news/worldnews/europe/france/11964140/Three-quarters-of-cars-stolen-in-France-electronically-hacked.html?utm_content=buffera411a&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

Accountant robbed of 1600 records in Xero tax fraud raid: report • The Register

http://www.theregister.co.uk/2015/10/30/vic_accountant_robbed_of_1600_records_in_xero_tax_fraud_raid_report/

Hacker Steals, Drives Away Jaguar XFR Exploiting Flaw in Wireless System

https://www.hackread.com/hacker-steals-drives-away-jaguar-xfr/