17 matches found
Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups
The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups. The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious...
OpenSSL Denial of Service Vulnerability (CNVD-2022-73349)
OpenSSL is a powerful, commercial-grade, full-featured open source toolkit for the Transport Layer Security TLS protocol, which is implemented based on the Full Strength Common Cryptographic Library for protecting communications on computer networks from eavesdropping and is widely used by Intern...
Gamifying machine learning for stronger security and AI models
To stay ahead of adversaries, who show no restraint in adopting tools and techniques that can help them attain their goals, Microsoft continues to harness AI and machine learning to solve security challenges. One area we’ve been experimenting on is autonomous systems. In a simulated enterprise...
Ukrainian Police Arrest Author of World's Largest Phishing Service U-Admin
Law enforcement officials in Ukraine, in coordination with authorities from the U.S. and Australia, last week shut down one of the world's largest phishing services that were used to attack financial institutions in 11 countries, causing tens of millions of dollars in losses. The Ukrainian attorn...
The vulnerability of the TSDNS discriver and the traffic analyzer for computer networks, Wireshark, allows a hacker to cause a service failure.
The vulnerability of the TSDNS discoverer and the Wireshark traffic analyzer in computer networks is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
OLX: Bypassing Phone Verification For Posting AD On OLX
Overview In computer networks, rate limiting is used to control the rate of traffic sent or received by a network interface controller. It can be induced by the network protocol stack of the sender due to a received ECN-marked packet and also by the network scheduler of any router along the way...
Ukrainian Hacker Admits Stealing Corporate Press Releases for $30 Million Profit
A 28-year-old Ukrainian hacker has pleaded guilty in the United States to stealing unpublished news releases and using that non-public information in illegal trading to generate more than $30 Million £20.8 Million in illicit profits. Vadym Iermolovych, 28, admitted Monday that he worked with two...
Summit Computer Networks Lil' HTTP Server 2.1/2.2 pbcgi.cgi Cross Site Scripting
No description provided by source. source: http://www.securityfocus.com/bid/5211/info Lil' HTTP server is a web server application for Windows environments and is maintained by Summit Computer Networks. It is possible for attackers to construct a URL to the 'pbcgi.cgi' script which includes...
Pandora FMS <= 3.1 Path Traversal and LFI
Introduction Pandora FMS for Pandora Flexible Monitoring System is a software solution for monitoring computer networks. It allows monitoring in a visual way the status and performance of several parameters from different operating systems, servers, applications and hardware systems such as...
[ Call for Articles ] The Hacker News Magazine - Hacktivism Special Edition - May 2012
Call for Articles The Hacker News Magazine - Hacktivism Special Edition - May 2012 A big shout out to all you cowboys and cowgirls who want to stir up some thoughtful reading and discussions by submitting to The Hacker News Magazine articles regarding Hacktivism. As you know, Hacktivism is the us...
U.S. drones affected by Keylogger Virus
U.S. drones affected by Keylogger Virus A keylogger of some sort has infiltrated classified and unclassified computer systems at Creech Air Force Base in Nevada, recording the keystrokes of pilots tasked with operating unmanned drone aircraft in Afghanistan and other international conflict zones...
Pentagon launches "Cyber Fast Track" program to fund hacker innovation
Pentagon launches "Cyber Fast Track" program to fund hacker innovation Peiter Zatko, a hacker known as Mudge who is now at the Defense Advanced Research Projects Agency, said he joined the Pentagon's research arm to try and build bridges between the government's cybersecurity needs and hackers...
WikiLeaks Prompts Federal Agencies to Assess Infosec Programs for Sensitive Data
In response to the embarrassment and perceived threat resulting from the WikiLeaks disclosures in recent months, the Office of Management and Budget has issued a hefty memo with pages of questions that federal agencies must use to conduct an initial assessment of their programs to handle and...
North Korea upgrading cyberattack capabilities
From AFP Via Yahoo News The North Korean regime is in the process of building up its capabilities to launch offensive computer attacks, according to news reports out of South Korea. The reports say that North Korea is specifically strengthening its information warfare program with the intention o...
Summit Computer Networks Lil HTTP Server 2.12.2 - pbcgi.cgi Cross-Site Scripting
Summit Computer Networks Lil HTTP Server 2.12.2 - pbcgi.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/5211/info Lil' HTTP server is a web server application for Windows environments and is maintained by Summit Computer Networks. It is possible for attackers to construct a URL...
Summit Computer Networks Lil' HTTP Server 2.1/2.2 - 'pbcgi.cgi' Cross-Site Scripting
source: https://www.securityfocus.com/bid/5211/info Lil' HTTP server is a web server application for Windows environments and is maintained by Summit Computer Networks. It is possible for attackers to construct a URL to the 'pbcgi.cgi' script which includes scripting code to execute in a user's...
ALERT: Lil'HTTP Server (Summit Computer Networks)
ALERT: Lil'HTTP Server Summit Computer Networks Vendor Notified: June 26 I have informed Summit of a flaw in its Lil'HTTP Server. The vulnerability lies in the "REPORT" functionality of urlcount.cgi. The flaw may allow malicious webmasters to script actions across domains. Users can protect...