New Java Vulnerability Coming Bundled With Exploit Kits A recently discovered Java vulnerability that’s been circulating throughout the hacking underground has begun to show up alongside the BlackHole exploit kit, according to a post on Brian Krebs’ KrebsonSecurity blog. read more Digest powered by RSS Digest
New Apache Reverse Proxy Issue Uncovered A new reverse proxy issue affecting Apache HTTP server can be used by attackers to access internal systems if certain rules are improperly configured, a security researcher said. read more brycegalbraith: HTTPS-enabled Google services now implement a special encryption technique to mitigate future key recovery attacks – http://t.co/KoCcPJBw brycegalbraith: HTTPS-enabled [...]
3 Ways to Protect Your Mobile Phone During Black Friday and Cyber Monday Mobile shopping is on the rise. In fact, nearly 60 million users will shop on their mobile phone for Black Friday and Cyber Monday sales this year. The Conficker worm, three years and counting This week marks the third anniversary of Conficker’s [...]
TheHackersNews: #Security #Infosec ☛ SecurityTube Metasploit Framework Expert Certification Launched ! http://t.co/EXQlGgtn #news TheHackersNews: #Security #Infosec ☛ SecurityTube Metasploit Framework Expert Certification Launched ! http://t.co/EXQlGgtn #news Fake iTunes gift certificate delivers a load of malware for Black Friday shoppers Watch out for shopping scams as the seaonal shopping frenzy ramps up over the US Thanksgiving [...]
Mobile ‘Rootkit’ Maker Tries to Silence Critical Android Dev A data-logging software company is seeking to squash an Android developer’s critical research into its software that is secretly installed on millions of phones, but Trevor Eckhart is refusing to publicly apologize for his research and remove the company’s training manuals from his website. Though the software [...]
Cyber-Attack Claims At US Water Facility Facebook identifies porn spam perpetrators Facebook said it has identified many of those responsible for a wave of pornographic content that showed up on users’ news feeds this week. Those behind the coordinated spam attack, which began on Monday, leveraged a cross-site scripting (XSS) web browser vulnerability to flood [...]
TheHackersNews: RT @c1b3rh4ck : http://t.co/cYSZKtwo Kevin Mitnick + Dave Kennedy — Adaptive Penetration Testing TheHackersNews: RT @c1b3rh4ck : http://t.co/cYSZKtwo Kevin Mitnick + Dave Kennedy — Adaptive Penetration Testing Transfer files to your iOS device remotely Reader Jim Ross seeks a slicker way to add files to his iPad. He writes: 7 Facts On Duqu Malware [...]
Connections Between DroidDreamLight and DroidKungFu We were recently able to analyze the routines of the latest DroidKungFu variant, detected as ANDROIDOS_KUNGFU.CI. While we were monitoring the traffic between ANDROIDOS_KUNGFU.CI and its remote server, we chanced upon a command to delete a certain package. In the command above, the server instructs the malware to delete a [...]
TheHackersNews: RT @yo9fah : Fake Social Networking Application Promotes Maldives http://t.co/18rORK3m TheHackersNews: RT @yo9fah : Fake Social Networking Application Promotes Maldives http://t.co/18rORK3m TheHackersNews: RT @fsecureukteam : How To Limit Your Digital Footprint http://t.co/DeLuF7xi TheHackersNews: RT @fsecureukteam : How To Limit Your Digital Footprint http://t.co/DeLuF7xi TheHackersNews: RT @threatpost : Researchers uncovered a hole that could enable [...]
[WEB SECURITY] What's the best way to maintain password history? Justin Scott: [WEB SECURITY] What's the best way to maintain password history?: <br /> [...] <br /> That sounds like a bug in their implementation. If the user id stays the same then I would expect the password history check to kick in to prevent [...]