15 matches found
Efficiency? Security? When the quest for one grants neither.
Welcome to this week's edition of the Threat Source newsletter. Benjamin Franklin once said, "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." In much the same way, those who rush for efficiency without taking into account...
CVE-2024-13328
creationtimestamp| type| source ---|---|--- 2025-02-04 06:16:06+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdfsuh2442n 2025-02-04 06:28:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113944198699864390 2025-02-04 08:02:09+00:00| seen|...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
vuln4japi A vulnerable Java based REST API for demonstrating C...
Top Zero Days, Data Breaches and Security Stories of 2019: News Wrap
From data breaches and the ransomware epidemic to new regulation and an outcry around data privacy, 2019 has been a wild ride for the infosec community. Threatpost breaks down the top news stories, trends and topics for this year. Listen to the full podcast or download direct. For a lightly-edite...
Download Kali Linux 2019.1 with Metasploit 5.0
By Waqas Download Kali Linux 2019.1 now! - This is the first major update for Kali Linux ever since version 4.0 was released in 2011. Kali Linux is one of the most popular Debian-based Linux distribution for advanced Penetration Testing and that is why the InfoSec community eagerly waits for its...
How to tap the RPC vulnerability, Part 1-the vulnerability warning-the black bar safety net
One, Foreword 2018 Year 8 months late, and one researcher(SandboxEscaper open a Windows local privilege escalation 0day vulnerabilities. On the Internet public after less than two weeks time, the vulnerability has already been malware attacks by using reference ESET articles published in. This...
Reddit Breach Stems from SMS Two-Factor Authentication Breakdown
Reddit confirmed Wednesday that a hacker broke into its systems and has accessed user data – including email addresses and passwords for accounts. The company said in a post today that the compromise occurred between June 14 and June 18, and it detected the incident on June 19. “We learned that a...
Facebook Removes 17 Profiles Involved in Political Meddling
Facebook Tuesday said that it has removed 32 pages from its platform involved in “coordinated inauthentic behavior.” The action comes months before the November midterm elections – and at a time when all eyes are on Facebook to see how it protects against potential campaigns attempting to sway...
“Unhackable” Bitfi crypto wallet. What’s all the fuss about?
If you haven’t already seen the Bitfi cryptocurrency wallet, check it out here. With backing from John McAfee, it’s claimed that the device is unhackable. So why all the fuss in the infosec community? Here’s the claim they make: ‘Completely un-hackable’ That is a very, very brave claim to make...
Welcome to a New Look for Threatpost
Today we’re excited to unveil a better Threatpost. The update brings a fresh new look to the site, but also gives us a better platform overall, built and designed from the ground up for the future. Our first goal was to preserve all the things that didn’t need fixing – starting with Threatpost’s...
Distributed Network Vulnerability Scanner: Prowler
Prowler is a Network Vulnerability Scanner implemented on a Raspberry Pi Cluster, first developed during Singapore Infosec Community Hackathon – HackSmith v1.0. Capabilities Scan a network a particular subnet or a list of IP addresses for all IP addresses associated with active network devices...
The Hacker News Celebrates 7th Anniversary — Big Thanks 🥂 to Our Readers
The Hacker News THN, the widely-read cybersecurity news source for hackers and technologists, is celebrating its 7th Anniversary today. This is a huge milestone for THN and our team, but this day really belongs to you—our readers. Without you, we would not be here, and we appreciate you for...
Kaspersky Opens Antivirus Source Code for Independent Review to Rebuild Trust
Kaspersky Lab — We have nothing to hide! Russia-based Antivirus firm hits back with what it calls a "comprehensive transparency initiative," to allow independent third-party review of its source code and internal processes to win back the trust of customers and infosec community. Kaspersky launch...
Google 0-Day Hunters Find 'Crazy Bad' Windows RCE Flaw
Update Monday, May 08, 2017: Microsoft has released an emergency security update to patch below-reported crazy bad remote code execution vulnerability in its Microsoft Malware Protection Engine MMPE that affects Windows 7, 8.1, RT and 10 computers, as well as Windows Server 2016 operating systems...
Project Zero - A Team of Star-Hackers Hired by Google to Protect the Internet
Today Google has publicly revealed its new initiative called “Project Zero,” a team of Star Hackers and Bug Hunters with the sole mission to improve security and protect the Internet. A team of superheroes in sci-fi movies protect the world from Alien attack or bad actors, likewise Project Zero i...