Securityinform.com Blog

Fundraising website Kickstarter hacked, user data stolen, password change recommended

“While no credit card data was accessed, some information about our customers was. Accessed information included usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords.” Big websites have been hacked recently. The latest victim is Kickstarter.com, a fundraising platform used by millions of people to raise capital for creative projects. On Saturday, Kickstarter.com announced on its blog that hackers found a...

Syrian Electronic Army hacked Forbes.com, dumped and shared over 1 million readers’ details

The Syrian Electronic Army hacked Forbes.com, dumped the users table and shared the username, email and password information of 1,071,963 Forbes readers, defaced some pages on the website and hacked related Twitter accounts. On February 14th, Forbes.com Inc. (www.forbes.com), a leading Internet media company, was hacked by the Syrian Electronic Army (SEA). SEA announced the hack and posted an image of the WordPress administrator panel for multiple Forbes websites on the SEA Twitter page....

Bypassing security controls with mobile devices (SkydogCON 2013)

“We’ve got Mobile Device Management, BYOD is not a risk for us!” “Our proxy filters all outbound traffic, no one is getting a shell out ever!” Companies are putting a lot of faith in these security mechanisms to stop the threats of mobile devices. In this talk we put those big claims to the test and look at ways to bypass...

Record-breaking DDoS attack struck CloudFlare’s network

What is an ‘NTP-based DDoS attack’? Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks, as described on Wiki. Since every host using the same NTP server has the same time information, using NTP servers is a smart way for network hosts to synchronize their clocks. But it is also open to abuse. In...

Debian 7.4 released, mainly corrects security problems

“The Debian project is pleased to announce the fourth update of its stable distribution Debian 7 (codename wheezy). This update mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems. Security advisories were already published separately and are referenced where available. Please note that this update does not constitute a new version of...

Microsoft to release critical Windows and Forefront updates

As Microsoft announced in ‘Microsoft Security Bulletin Advance Notification for February 2014’, there will be 2 critical and 3 important updates next Tuesday. The first critical update is for Windows 7 (32-bit & x64), Windows 8 & 8.1 (32-bit & x64), Windows RT & RT 8.1, Windows Server 2008 and Windows Server 2012. The second critical update is for ‘Microsoft Forefront Protection...

Adobe released an important security update

Adobe released an important and unscheduled security update in order to address a critical vulnerability that could potentially allow an attacker to remotely take control of the affected system (CVE-2014-0497). According to the Adobe Security Bulletin, Alexander Polyakov and Anton Ivanov of Kaspersky Labs reported an integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac...

First Android bootkit reported. It has infected 350,000 devices and is spreading

Story: On January 24th, Russian anti-virus company Doctor Web reported the first Android bootkit. This trojan is particularly dangerous since it’s able to re-install itself after the device reboots and re-infect the system. According to Doctor Web, this malicious program has infected more than 350,000 devices. “According to information acquired by Doctor Web’s virus analysts, currently, this malignant program operates on more than 350,000...

Malformed FileZilla FTP client steals login credentials

Story: A couple of days ago, Avast reported on a malformed FileZilla FTP client. The malware installer GUI and the installed malware FTP client are almost identical to the official version, and fully functional. The primary mission of this malware is stealing your login information and sending it to attackers. According to Avast, malware versions of famous open source FTP clients are on the increase (versions 3.7.3 and 3.5.3). You can find identifying...

Yahoo Mail under attack. We recommend changing your account password immediately.

On Jan 30th, Yahoo announced a hacking attempt to its users on Yahoo’s official blog. Yahoo said that they identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. According to Yahoo’s investigation, malicious computer software used a list of usernames and passwords to access Yahoo Mail accounts. These usernames and passwords were collected from a third-party database compromise and Yahoo...
