Standard Post with Image

Update Samba Servers Immediately to Patch Password Reset and DoS Vulnerabilities

Samba maintainers have just released new versions of their networking software to patch two critical vulnerabilities that could allow unprivileged remote attackers to launch DoS attacks against servers and change any other users’ passwords, including admin’s.

Samba is open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available today, including Windows, Linux, UNIX, IBM System 390, and OpenVMS.

Read More
Standard Post with Image

Trojanized BitTorrent Software Update Hijacked 400,000 PCs Last Week

A massive malware outbreak that last week infected nearly half a million computers with cryptocurrency mining malware in just a few hours was caused by a backdoored version of popular BitTorrent client called MediaGet.

Dubbed Dofoil (also known as Smoke Loader), the malware was found dropping a cryptocurrency miner program as payload on infected Windows computers that mine Electroneum digital coins for attackers using victims’ CPU cycles.

Read More
Standard Post with Image

Kaspersky Lab researchers uncover Slingshot Malware

Kaspersky Lab researchers have uncovered a sophisticated threat used for cyber-espionage in the Middle East and Africa from at least 2012 until February 2018. The malware, which researchers have called ‘Slingshot’, attacks and infects victims through compromised routers and can run in kernel mode, giving it complete control over victim devices.

According to researchers, many of the techniques used by this threat actor are unique and it is extremely effective at stealthy information gathering, hiding its traffic in marked data packets that it can intercept without trace from everyday communications.

Read More
Standard Post with Image

CredSSP Flaw in Remote Desktop Protocol Affects All Versions of Windows

A critical vulnerability has been discovered in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date and could allow remote attackers to exploit RDP and WinRM to steal data and run malicious code.

CredSSP protocol has been designed to be used by RDP (Remote Desktop Protocol) and Windows Remote Management (WinRM) that takes care of securely forwarding credentials encrypted from the Windows client to the target servers for remote authentication.

Read More
Standard Post with Image

Kali Now Available in the Microsoft App Store

Kali Linux, a penetration testing app from Offensive Security, became available in the Microsoft Store on Monday.

Kali Linux Security App Lands in Microsoft Store

Read More
Standard Post with Image

Hacker Who Never Hacked Anyone Gets 33-Month Prison Sentence

A hacker who was arrested and pleaded guilty last year—not because he hacked someone, but for creating and selling a remote access trojan that helped cyber criminals—has finally been sentenced to serve almost three years in prison.

Taylor Huddleston, 26, of Hot Springs, Arkansas, pleaded guilty in July 2017 to one charge of aiding and abetting computer intrusions by building and intentionally selling a remote access trojan (RAT), called NanoCore, to hackers for $25.

Read More
Standard Post with Image

3 Reasons to use a WAF

Web application firewalls (WAFs) are an additional security layer that can be deployed to filter inbound traffic to web servers for malicious payloads and are a great defence when used as part of a secure system lifecycle.

Read More
Standard Post with Image

Hackers Exploiting 'Bitmessage' Zero-Day to Steal Bitcoin Wallet Keys

Bitmessage developers have warned of a critical ‘remotely executable’ zero-day vulnerability in the PyBitmessage application that was being exploited in the wild.

Bitmessage is a Peer-to-Peer (P2P) communications protocol used to send encrypted messages to users. Since it is decentralized and trustless communications, one need-not inherently trust any entities like root certificate authorities.

Those who unaware, PyBitmessage is the official client for Bitmessage messaging service.

Read More
Standard Post with Image

Cryptocurrency Mining Scripts Now Run Even After You Close Your Browser

Some websites have found using a simple yet effective technique to keep their cryptocurrency mining javascript secretly running in the background even when you close your web browser.

Due to the recent surge in cryptocurrency prices, hackers and even legitimate website administrators are increasingly using JavaScript-based cryptocurrency miners to monetize by levying the CPU power of their visitor’s PC to mine Bitcoin or other cryptocurrencies.

Read More
Standard Post with Image

macOS High Sierra Bug Lets Anyone Gain Root Access Without a Password

If you own a Mac computer and run the latest version of Apple’s operating system, macOS High Sierra, then you need to be extra careful with your computer.

A serious, yet stupid vulnerability has been discovered in macOS High Sierra that allows untrusted users to quickly gain unfettered administrative (or root) control on your Mac without any password or security check, potentially leaving your data at risk.

Read More
Looking for older posts? View our Archives