3449 matches found
Kaseya VSA 9.2 Authentication Bypass Vulnerability
Exploit for asp platform in category web applications ------------------------------------------------------------------------ Authentication bypass in Kaseya VSA ------------------------------------------------------------------------ Kin Hung Cheng, Robert Hartshorn, May 2017...
Kaseya VSA R9.2 Arbitrary File Read
------------------------------------------------------------------------ Arbitrary file read in Kaseya VSA ------------------------------------------------------------------------ Kin Hung Cheng, Robert Hartshorn, May 2017 ------------------------------------------------------------------------...
macOS Malware Creator Charged With Spying on Thousands of PCs Over 13 Years
The U.S. Justice Department unsealed 16-count indictment charges on Wednesday against a computer programmer from Ohio who is accused of creating and installing spyware on thousands of computers for more than 13 years. According to the indictment, 28-year-old Phillip R. Durachinsky is the alleged...
Spectre and Meltdown Attacks Against Microprocessors
The security of pretty much every computer on the planet has just gotten a lot worse, and the only real solution -- which of course is not a solution -- is to throw them all away and buy new ones. On Wednesday, researchers just announced a series of major security vulnerabilities in the...
ADRecon - Tool Which Gathers Information About The Active Directory
ADRecon is a tool which extracts various artifacts as highlighted below out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis. The report can provide a holistic picture of the current state of the target AD...
Feds Shut Down 'Longest-Running' Andromeda Botnet
In a coordinated International cyber operation, Europol with the help of international law enforcement agencies has taken down what it called "one of the longest-running malware families in existence" known as Andromeda. Andromeda, also known as Win32/Gamarue, is an infamous HTTP-based modular...
Threat Landscape for Industrial Automation Systems in H1 2017
Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team Kaspersky Lab ICS CERT publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017. All statistical data used in this report was collected using the Kaspersk...
Hacker Can Steal Data from Air-Gapped Computers Using IR CCTV Cameras
Air-gapped computers that are isolated from the Internet and physically separated from local networks are believed to be the most secure computers which are difficult to infiltrate. However, these networks have been a regular target in recent years for researchers, who have been trying to...
BlueBorne Bluetooth Vulnerabilities
US-CERT is aware of a collection of Bluetooth vulnerabilities, known as BlueBorne, potentially affecting millions of unpatched mobile phones, computers, and Internet of Things IoT devices. A remote attacker could exploit several of these vulnerabilities to take control of affected devices. US-CER...
New Locky Variant 'IKARUSdilapidated' Strikes Again
A second wave of the Locky ransomware variant called IKARUSdilapidated has been identified by security experts. The source of the ransomware is a botnet of zombie computers coordinated to launch phishing attacks that send emails and attachments appearing to come from a targeted recipient’s truste...
How A Coffee Machine Infected Factory Computers with Ransomware
By Waqas Its no surprise that the Internet of Things IoT devices This is a post from HackRead.com Read the original post: How A Coffee Machine Infected Factory Computers with Ransomware...
Parallels Desktop Virtual Machine Elevation of Privilege Vulnerability
Parallels Desktop is one of the most powerful virtual machine software for Mac computers. Parallels Desktop suffers from a local elevation of privilege vulnerability that allows an attacker to exploit the vulnerability to escape to the host host to execute arbitrary code...
Beware! Fireball Malware Infects Nearly 250 Million Computers Worldwide
Security researchers have discovered a massive malware campaign that has already infected more than 250 million computers across the world, including Windows and Mac OS. Dubbed Fireball, the malware is an adware package that takes complete control of victim's web browsers and turns them into...
Post-Quantum RSA
Interesting research on a version of RSA that is secure against a quantum computer: Post-quantum RSA Daniel J. Bernstein, Nadia Heninger, Paul Lou, and Luke Valenta Abstract: This paper proposes RSA parameters for which 1 key generation, encryption, decryption, signing, and verification are...
Inmates Secretly Build and Network Computers while in Prison
This is kind of amazing: Inmates at a medium-security Ohio prison secretly assembled two functioning computers, hid them in the ceiling, and connected them to the Marion Correctional Institution's network. The hard drives were loaded with pornography, a Windows proxy server, VPN, VOIP and...
clickbank.com XSS vulnerability
Vulnerable URL: http://www.clickbank.com/product-category/computers-internet/?viewport=%22%3E%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/;%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
Wanna Cry Again? NSA’s Windows 'EsteemAudit' RDP Exploit Remains Unpatched
Brace yourselves for a possible 'second wave' of massive global cyber attack, as SMB Server Message Block was not the only network protocol whose zero-day exploits created by NSA were exposed in the Shadow Brokers dump last month. Although Microsoft released patches for SMB flaws for supported...
Keylogger Found in HP Laptop Audio Drivers
This is a weird story: researchers have discovered that an audio driver installed in some HP laptops includes a keylogger, which records all keystrokes to a local file. There seems to be nothing malicious about this, but it's a vivid illustration of how hard it is to secure a modern computer. The...
WannaCry Ransomware That's Hitting World Right Now Uses NSA Windows Exploit
Update — After reading this article, if you want to know, what has happened so far in past 4 days and how to protect your computers from WannaCry, read our latest article "WannaCry Ransomware: Everything You Need To Know Immediately." Earlier today, a massive ransomware campaign hit computer...
Police Arrest Man Potentially Linked to Group Threatening to Wipe Millions Of iPhones
The British authority has reportedly arrested a 20-years-old young man – potentially one of the member of a cyber criminal gang 'Turkish Crime Family' who threatened Apple last week to remotely wipe data from millions of iOS devices unless Apple pays a ransom of $75,000. The UK's National Crime...