Showing posts from September, 2016

Sad reality: It's cheaper to get hacked than build strong IT defenses

http://www.theregister.co.uk/2016/09/23/if_your_company_has_terrible_it_security_that_could_be_a_rational_business_decision/

SWIFT warns of more 'sophisticated' attacks, readies anti-fraud tool

http://www.theregister.co.uk/2016/09/22/swift_warns_of_more_sophisticated_attacks_readies_antifraud_tool/

Girls’ fashion hangout site leaking millions of plaintext passwords

https://nakedsecurity.sophos.com/2016/09/27/girls-fashion-hangout-site-leaking-millions-of-plaintext-passwords/

Large CCTV Botnet Leveraged in DDoS Attacks

https://blog.sucuri.net/2016/06/large-cctv-botnet-leveraged-ddos-attacks.html

How Hackers Breached Two Gambling Payment Providers To Harvest 'Millions' Of Records

http://www.forbes.com/sites/thomasbrewster/2015/11/05/optimal-payments-hack-investigation/

Hacker attack on Yahoo: "Access keys of half a billion users stolen"

http://www.repubblica.it/tecnologia/sicurezza/2016/09/22/news/attacco_hacker_a_yahoo_rubate_chiavi_d_accesso_a_200_milioni_di_utenti_-148310314/

Update: Researchers show off remote attack against Tesla Model S

http://www.computerworld.com/article/3121908/security/researchers-show-off-remote-attack-against-tesla-model-s.html

KrebsOnSecurity Hit With Record DDoS

http://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/

How America’s 911 emergency response system can be hacked

https://www.washingtonpost.com/news/the-switch/wp/2016/09/09/how-americas-911-emergency-response-system-can-be-hacked/

Google Hacker Finds Way To Exploit Yet Another ‘Stagefright’ Bug

http://motherboard.vice.com/read/google-hacker-finds-another-stagefright-bug

Read the damning dossier on the security stupidity that let China ransack OPM's systems

http://www.theregister.co.uk/2016/09/08/opm_hacking_report/

Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years — Krebs on Security

http://krebsonsecurity.com/2016/09/israeli-online-attack-service-vdos-earned-600000-in-two-years/

How one man could have deleted any Facebook page

https://nakedsecurity.sophos.com/2016/09/20/how-one-man-could-have-deleted-any-facebook-page/

Science news journal EurekAlert down after hack

https://nakedsecurity.sophos.com/2016/09/19/science-news-journal-eurekalert-down-after-hack/

Mozilla will patch zero-day Firefox bug to fizzle man-in-the-middle diddle

http://www.theregister.co.uk/2016/09/18/mozilla_tor_flaws/

Someone just lost 324k payment records, complete with CVVs

https://www.troyhunt.com/someone-just-lost-324k-payment-records-complete-with-cvvs/

Cash if you get ransomware on your machine

http://www.scmagazineuk.com/news/cash-if-you-get-ransomware-on-your-machine/article/511786/

6.6 million plaintext passwords exposed as site gets hacked to the bone

http://arstechnica.com/security/2016/09/plaintext-passwords-and-wealth-of-other-data-for-6-6-million-people-go-public/

Russian hackers in the WADA site: "US athletes doped". Biles is among them too: "But I have always followed the rules"

http://www.repubblica.it/sport/2016/09/13/news/hacker_wada-147674194/

How one man could have owned GitHub, and what happened next…

https://nakedsecurity.sophos.com/2016/08/31/how-one-man-could-have-owned-github-and-what-happened-next/

GM Recalls Millions of Cars After Critical Bug Found

http://www.infosecurity-magazine.com/news/gm-recalls-millions-of-cars-after/

Cryptocurrency Mining Malware Discovered Targeting Seagate NAS Hard Drives

http://news.softpedia.com/news/cryptocurrency-mining-malware-discovered-targeting-seagate-nas-hard-drives-508119.shtml

The Hunt for Lurk - Securelist

https://securelist.com/analysis/publications/75944/the-hunt-for-lurk/

Trustpilot hacked and customer database set for sale - Resiport

https://www.resiport.com/trustpilot-hacked-and-customer-database-set-for-sale/

Exile Mod Gaming Forum Hacked; 12,000 Accounts Leaked

https://www.hackread.com/exile-mod-gaming-forum-hacked/

Cisco's Talos & GoDaddy Shut Down Malvertising Campaign - E Hacker News

http://www.ehackingnews.com/2016/09/ciscos-talos-godaddy-shut-down.html?m=1

Mr.Chow's Website Serves Ransomware To Customers - E Hacker News

http://www.ehackingnews.com/2016/09/mrchows-website-serves-ransomware-to.html?m=1

911 could face its own emergency: Hackers - CNET

http://www.cnet.com/news/911-could-face-its-own-emergency-hackers/

Hackers holding school computers hostage | WBTW.com

http://wbtw.com/2016/09/09/hackers-holding-school-computers-hostage-2/

43.7% of cloud-based malware delivers ransomware - Help Net Security

https://www.helpnetsecurity.com/2016/09/09/cloud-based-malware/

Watch How Government Spyware Infects a Computer in This Leaked Demo Video | Motherboard

https://motherboard.vice.com/read/rcs-lab-government-spyware-infects-a-computer-in-this-leaked-demo-video

Gorizia, hacker in the school server. And the “4”s became “10”s

http://ilpiccolo.gelocal.it/trieste/cronaca/2016/05/21/news/gorizia-l-attacco-informatico-1.13513088

Read the damning dossier on the security stupidity that let China ransack OPM's systems • The Register

http://www.theregister.co.uk/2016/09/08/opm_hacking_report/

Stealing login credentials from a locked PC or Mac just got easier

http://arstechnica.com/security/2016/09/stealing-login-credentials-from-a-locked-pc-or-mac-just-got-easier/

Mr Chow plates up sticky ransomware • The Register

http://www.theregister.co.uk/2016/09/07/mr_chow_plates_up_sticky_ransomware/

Internet of Sins: Million more devices sharing known private keys for HTTPS, SSH admin • The Register

http://www.theregister.co.uk/2016/09/07/bad_key_security_holes_getting_worse/

Project Zero: Return to libstagefright: exploiting libutils on Android

http://googleprojectzero.blogspot.com/2016/09/return-to-libstagefright-exploiting.html

Network Management Systems are a 'treasure map' for hackers • The Register

http://www.theregister.co.uk/2016/09/07/natwork_magement_vulns/

When you've paid the ransom but you don't get your data back • The Register

http://www.theregister.co.uk/2016/09/07/uk_ransomware_victim_survey/

Spoof an Ethernet adapter on USB, and you can sniff credentials from locked laptops • The Register

http://www.theregister.co.uk/2016/09/07/spoof_an_ethernet_adapter_on_usb_and_you_can_sniff_credentials_from_locked_laptops/

Issue 890 - project-zero - Dashlane: universal XSS in doOnboardingSiteStep API - Monorail

https://bugs.chromium.org/p/project-zero/issues/detail?id=890

Sneaky Gugi banking trojan sidesteps Android OS security barricades • The Register

http://www.theregister.co.uk/2016/09/06/gugi_android_banking_trojan_revamp/

Hacker takes down CEO wire transfer scammers, sends their Win 10 creds to the cops • The Register

http://www.theregister.co.uk/2016/09/06/hacker_hacks_ceo_wire_transfer_scammers_sends_win_10_creds_to_cops/

ASUS Broken API Authentication

https://blog.fletchto99.com/2016/september/asus-disclosure/index.html

Forum for Porn Site Brazzers Compromised in Major Hack | The Daily Dot

http://www.dailydot.com/layer8/brazzers-hack/

98.1 million CLEARTEXT passwords pasted as Rambler.ru rumbled • The Register

http://www.theregister.co.uk/2016/09/06/981_million_cleartext_accounts_leaked_as_ramblerru_rumbled/

More IoT insecurity: the routers that take instructions from anyone – Naked Security

https://nakedsecurity.sophos.com/2016/09/05/more-iot-insecurity-the-routers-that-take-instructions-from-anyone/

Security group OurMine briefly took over Variety earlier today | The Verge

http://www.theverge.com/2016/9/3/12785768/ourmine-security-group-variety-hack

How Spy Tech Firms Let Governments See Everything on a Smartphone - NYTimes.com

http://mobile.nytimes.com/2016/09/03/technology/nso-group-how-spy-tech-firms-let-governments-see-everything-on-a-smartphone.html?smid=tw-share&referer=https://t.co/qDSS256JTb

Apple releases new update after hack flaws - E Hacker News

http://www.ehackingnews.com/2016/09/apple-releases-new-update-after-hack.html?m=1

FairWare Ransomware targets Linux Servers - E Hacker News

http://www.ehackingnews.com/2016/09/fairware-ransomware-targets-linux.html?m=1

Details of BTC-E and BitcoinTalk breach revealed - E Hacker News

http://www.ehackingnews.com/2016/09/details-of-btc-e-and-bitcointalk-breach.html?m=1

New cloud attack takes full control of virtual machines with little effort | Ars Technica

http://arstechnica.com/security/2016/08/new-attack-steals-private-crypto-keys-by-corrupting-data-in-computer-memory/

Patched ColdFusion Flaw Exposes Applications to Attack | Threatpost | The first stop for security news

https://threatpost.com/patched-coldfusion-flaw-exposes-applications-to-attack/120301/

Transmission hijacked to broadcast Mac malware • The Register

http://www.theregister.co.uk/2016/09/01/transmission_booby_trapped_downloads/

Did you stay at any of these 60 Kimpton hotels? Whelp, hackers have your card details • The Register

http://www.theregister.co.uk/2016/09/01/kleptos_clean_careless_klimpton/

Patch now: Apple emits fix for Pegasus spyware bugs in OS X, Safari • The Register

http://www.theregister.co.uk/2016/09/02/macos_safari_security_update/

Lightspeed PoS vendor breached, sensitive database tapped • The Register

http://www.theregister.co.uk/2016/09/02/lightspeed_pos_vendor_breached_sensitive_database_tapped/

Trojan imitates Google Play store user - E Hacker News

http://www.ehackingnews.com/2016/09/trojan-imitates-google-play-store-user.html?m=1

Ransomware attacks Linux servers, demands bitcoins - E Hacker News

http://www.ehackingnews.com/2016/09/ransomware-attacks-linux-servers.html?m=1

Blackhat wannabes proffer probably bogus Linux scamsomware • The Register

http://www.theregister.co.uk/2016/09/01/blackhat_wannabes_proffer_bogus_linux_scamsomware/

Cisco SOHO switches patched for SOHOpeless vuln • The Register

http://www.theregister.co.uk/2016/09/01/cisco_soho_switches_patched_for_sohopeless_vuln/

Malware exposes payment card data at Kimpton Hotels

http://www.cnet.com/news/malware-exposes-payment-card-data-at-kimpton-hotels/