News
600,000 cable routers found to have a backdoor within a backdoor
Brazilian researcher discovers double security threat in Arris cable modems which allows an attacker to rewrite the firmware without the owner's knowledge.
Autopwn every Android < 4.2 device on your network using BetterCap and the "addJavascriptInterface" vulnerability.
Recently I've been playing with Android's WebView based vulnerabilities, focusing on how to exploit them using a MITM attack.
Iron Tiger: How hackers have stolen terabytes of confidential data from US high-tech firms
A new report claims that in 2013, a group of China-based hackers switched their attention from targeting victims in Asia-Pacific to stealing terabytes of confidential data from US high-tech firms and ...
Banks team up to improve distributed/shared ledger technology
Nine financial institutions have formed an international coalition, in conjunction with the financial technology firm R3, to create and deliver advanced distributed/shared ledger technologies to ...
NoSQL EXPLOITATION FRAMEWORK – Framework For NoSQL Scanning and Exploitation
Any database may include sensitive information such as usernames , passwords or users data. This makes a proper security assessment with whole architecture review is required for identifying security ...
In blunder threatening Windows users, D-Link publishes code-signing key
In a ham-fisted move that threatens computer users everywhere, developers at router manufacturer D-Link published a private cryptography key used to certify that software is trustworthy and not ...
Google’s own researchers challenge key Android security talking point
Members of Google's Project Zero vulnerability research team have challenged a key talking point surrounding the security of Google's Android mobile operating system. To wit, a key exploit mitigation ...
The Moose is loose: Linux-based worm turns routers into social network bots
A worm that targets cable and DSL modems, home routers, and other embedded computers is turning those devices into a proxy network for launching armies of fraudulent Instagram, Twitter, and Vine ...
Android ransomware distributed to English speakers in spam campaign
Emails containing a variant of popular Android ransomware are being sent to thousands of mobile users in English-speaking countries as part of a spam campaign recently identified by researchers with ...
PuTTY Client Found Compiled with Trojan
New version of putty SSH-client have been spotted compiled with a Trojan.
Researchers observe SVG files being used to distribute ransomware
Researchers with AppRiver have observed attackers sending out phishing emails with SVG files attached – these files, when downloaded and executed, open up websites that download what appears to be ...
LogJam: Researchers Identify Another Web Encryption Vulnerability
A new potentially high-impact vulnerability called LogJam has been revealed by researchers, which has similarities to the FREAK (CVE-2015-0204) vulnerability disclosed a few months ago, whereby a ...