CVE-2020-2787

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

What is Cracktivator software?

Cisco Talos coined the term "Cracktivator software" to reference counterfeit or modified software for pirated versions of Windows applications. One of our teammates, James Nutland, led the research to look into cracked versions of the Microsoft Windows operating system and other Microsoft...

Poor security: 15,000 private webcams exposed to creeps

By Sudais Your exposed webcams are backdoor for creeps. This is a post from HackRead.com Read the original post: Poor security: 15,000 private webcams exposed to creeps...

First American Financial Corp. Data Records Leak

Krebs on Security is reporting a massive data leak by the real estate title insurance company First American Financial Corp. "The title insurance agency collects all kinds of documents from both the buyer and seller, including Social Security numbers, drivers licenses, account statements, and eve...

Interview with a malware hunter: Jérôme Segura

In our series "Interview with a malware hunter," our feature role today goes to Jérôme Segura, Malwarebytes’ Head of Threat Intelligence and world-renowned exploit kits researcher. The goal of this series is to introduce our readers to our malware intelligence crew by involving them in these Q&A...

Naming & Shaming Web Polluters: Xiongmai

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai -- a Chinese maker of electronic parts th...

Container theft, the legal system and poor maritime security

One of the most interesting legal cases I’ve read recently involves a theft of two containers of cobalt metal briquettes from a terminal at the port of Antwerp. Original judgment: Appeal: What drew me to this case was the amount of useful data that had entered the public domain concerning a crime...

Please don’t buy this: smart locks

We all like buying the latest and greatest tech toy. It’s fun to get new and novel features on a product that used to be boring and predictable; a draw of the original BeBox amongst many was a layer of “das blinkenlights” across the front. But sometimes, the latest feature is not always the...

Following Breach of 283K, Honda Canada Faces Lawsuit

Honda Canada Inc. has announced it was the victim of an attack in March that exposed the records of over 283,000 car owners, potentially putting them at risk of targeted scams. Data such as the owners’ names, addresses and even their Vehicle Identification Numbers VINs were leaked when attackers...

According to CERT-In : Indian sites hacked most in 2010 !

System administrators would surely want to forget the year 2010, which saw a sharp increase in the number of cyber attacks on Indian websites. According to Indian Computer Emergency Response Team CERT-In, the defacement of websites with India specific domain '.in' tripled in 2010. Around 8,864...

Hackers Shut Down Six Websites, Including Credit-Card Sharing Forums

A group of hackers recently attacked and took offline several websites belonging to credit-card sharing groups, security experts, and other hacking communities that had neglected basic security practices. On Christmas morning, the administrators of six websites discovered their sites had been...

Multiple Denial of Service attacks possible for Webspeed OpenEdge

Denial of Service attack against OpenEdge WebSpeed possible through dict.r. 11-5-2007 author: Eelko Neven discovered: 9-5-2007 Because of poor security in dict.r it is possible to put all agents in busy mode. First you have to find the messenger execution url. For example:...