Lucene search
K

1221 matches found

Carbon Black Blog
Carbon Black Blog
added 2017/07/18 12:0 p.m.49 views

How Do SMEs Fight Off Cyberattacks?

I'd like to address some of the concerns that small and medium sized enterprises SMEs may have around cybersecurity, especially in the wake of the WannaCry ransomware attack and a continuous news flow around successful attacks on high profile companies. Does the fact that well-known brands are...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2017/07/05 2:13 p.m.21 views

Zeus - AWS EC2 / S3 Auditing & Hardening Tool

Zeus is a powerful tool for AWS EC2 / S3 best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access Management Avoid the use of the "roo...

7.6AI score
Exploits0References1
CISA
CISA
added 2017/05/31 12:0 a.m.12 views

FBI Releases Article on Protecting Business Email Systems

The Federal Bureau of Investigation FBI has released an article on Building a Digital Defense with an Email Fortress. FBI warns that scammers commonly target business email accounts with phishing and social engineering schemes. Strategies for preventing email compromises include avoiding the use ...

6.7AI score
Exploits0References3
CISA
CISA
added 2017/05/25 12:0 a.m.13 views

FTC Releases Alert on Identity Theft

The Federal Trade Commission FTC has released an alert about how quickly criminals begin using your personal information once it is posted to a hacker site by an identity thief. FTC researchers found that it can take as few as 9 minutes for crooks to access stolen personal information posted to...

6.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2017/05/18 12:5 p.m.9 views

Senate's Use of Signal A Good First Step, Experts Say

On Tuesday the United States Senate made it official and approved the use of encrypted messaging app Signal by staffers. Encryption advocates applauded the measure, but say more needs to be done to protect “civic” infrastructure critical to democracy. “The move to secure communications...

0.7AI score
Exploits0References4
Akamai Blog
Akamai Blog
added 2017/05/09 2:41 p.m.20 views

Strengthening Network Access Security with Multi-Factor Authentication

As technology continues to develop, more and more applications become not just convenient, but necessary. It was less than a decade ago that it was inconceivable we would 'need' to carry a consumer device to access the internet in our pockets. Today, it is essential. The same is true with the...

7.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2017/03/28 1:43 p.m.20 views

Remote Access no longer needs to be Complex and Cumbersome

From an IT management perspective, remote access management can be complex. Deployment, administration, testing and compliance is often multifaceted and time consuming, and security is an on-going concern. Granted, I have talked with IT professionals who tell me VPNs - being the primary remote...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2017/02/14 10:52 p.m.12 views

Websites Can Now Track You Online Across Multiple Web Browsers

You might be aware of websites, banks, retailers, and advertisers tracking your online activities using different Web "fingerprinting" techniques even in incognito/private mode, but now sites can track you anywhere online — even if you switch browsers. A team of researchers has recently developed...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2014/03/25 9:12 p.m.14 views

Gameover ZeuS Trojan Targets Users of Monster.com Employment Portal

Zeus Trojan is one of the most popular families of Banking Trojan, which was also used in a targeted malware campaign against a Salesforce.com customer at the end of the last month and researchers found that the new variant of Zeus Trojan has web crawling capabilities that are used to grab...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2013/09/05 5:58 p.m.15 views

Hesperbot - A New Banking Trojan that can create hidden VNC server on infected systems

Security firm ESET has discovered a new and effective banking trojan, targeting online banking users and designed to beat the mobile multi-factor authentication systems. Hesperbot detected as Win32/Spy.Hesperbot is very identical to the infamous Zeus and SpyEye Banking Malwares and infects users ...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2013/09/05 6:58 a.m.21 views

Hesperbot - A New Banking Trojan that can create hidden VNC server on infected systems

Security firm ESET has discovered a new and effective banking trojan, targeting online banking users and designed to beat the mobile multi-factor authentication systems. Hesperbot detected as Win32/Spy.Hesperbot is very identical to the infamous Zeus and SpyEye Banking Malwares and infects users ...

7AI score
Exploits0
NVD
NVD
added 2013/03/27 9:55 p.m.29 views

CVE-2013-0258

The Google Authenticator login galogin module 7.x before 7.x-1.3 for Drupal, when multi-factor authentication is enabled, allows remote attackers to bypass authentication for accounts without an associated Google Authenticator token by logging in with the username...

6.8CVSS6.7AI score0.01394EPSS
Exploits0References4
CVE
CVE
added 2013/03/27 9:0 p.m.57 views

CVE-2013-0258

The CVE-2013-0258 entry concerns the Drupal ga_login module (Drupal 7.x) prior to 7.x-1.3, where multi-factor authentication is enabled but an attacker can bypass login by using a username if no Google Authenticator token is associated with the account. The root cause is a flawed authentication b...

6.8CVSS6.9AI score0.01394EPSS
Exploits0References4Affected Software1
Drupal
Drupal
added 2013/01/30 12:0 a.m.28 views

SA-CONTRIB-2013-012 - Google Authenticator login - Access Bypass

This module will allow you to add Time-based One-time Password Algorithm also called "Two Step Authentication" or "Multi-Factor Authentication" support to user logins. Users with the permission to use multi-factor authentication need to associate a Google Authenticator token with their acount...

6.8CVSS6.3AI score0.01394EPSS
Exploits0References10
0day.today
0day.today
added 2012/07/24 12:0 a.m.24 views

Barracuda SSL VPN 680 Cross Site Scripting

Exploit for php platform in category web applications Barracuda SSL VPN 680 - Cross Site Scripting Vulnerabilities Introduction: ============= The Barracuda SSL VPN is an integrated hardware and software solution enabling secure, clientless remote access to internal network resources from any Web...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2011/05/20 12:49 p.m.5 views

Report: Facebook To Offer Bounties For Bugs

Social networking giant Facebook will soon begin paying security researchers for information on vulnerabilities in its platform, according to a report from the Hack in the Box security conference in Amsterdam. Facebook’s Chief Security Officer Joe Sullivan told Softpedia that the company would so...

0.2AI score
Exploits0References9
ThreatPost
ThreatPost
added 2011/04/19 9:2 p.m.7 views

Facebook Adds Two-Factor Authentication

Social networking giant Facebook announced on Tuesday that it was introducing a two-factor security feature that will make user accounts harder to hijack. The announcement was part of a group of security enhancements by Facebook that includes improved secure HTTP features and social reporting too...

0.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2011/03/18 12:45 a.m.9 views

RSA Hack Yields SecurID Secrets

RSA Security, a division of EMC Corp. has admitted that it was the victim of a sophisticated attack that resulted in the theft of secrets related to its SecurID two-factor authentication product. The disclosure came in a blog post by RSA chief Art Coviello on Thursday. Coviello said that the...

1.4AI score
Exploits0
ThreatPost
ThreatPost
added 2010/02/25 5:1 p.m.10 views

Here's How to Fix Online Banking Fraud

Guest editorial by Roel Schouwenberg Over the last few months, there’s been quite a lot of news chatter around Banker Trojans emptying out online bank accounts of small businesses in the U.S. Today, I was reading one of such stories on Brian Krebs’ site. After reading that story I came across...

7.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2010/02/19 4:35 p.m.12 views

Man in the Browser: Inside the Zeus Trojan

Man in the Browser a.k.a MITB is a new breed of attacks whose primary objective is to spy on browser sessions mostly banking and in that process intercept and modify the web page contents transparently in the background. In a classic MITB attack, it’s very likely that what the user is seeing on...

7.7AI score
Exploits0References1
Rows per page
Query Builder