The vulnerability allows any local user, such as “httpdusr” used to run web application, to escalate to Domain Administrator if the NAS is a domain member. Pasquale ‘sid’ Fiorillo from ISGroup (www.isgroup.biz), an Italian Security Company, and Guido ‘go’ Oricchio of PCego (www.pcego.com), a System Integrator, have just released a critical security advisory for any […]
Android Forums notified a data breach, according to the moderators at the site roughly 2.5 percent of users have been affected. Android Forums is the last victim of a data breach, roughly 2.5 percent of users have been affected. The moderators at the Android Forums confirmed they’ve been able to identify the alleged compromised accounts, in response […]
The threat group behind the Machete cyber espionage campaign first spotted in 2014 continues to target entities in Spanish-speaking countries. According to the researchers at security firm Cylance Threat actors behind the cyber espionage campaign dubbed Machete continue to target entities in Spanish-speaking countries. The Machete campaign was first uncovered by the researchers at Kaspersky in August 2014 and […]
Hackers belonging to the Turkish Crime Family group threaten to remotely wipe hundreds of millions of iPhones unless Apple pays a ransom. Crooks are claiming to have over 627 millions of iCloud credentials and intend to wipe date from iPhones, iPads and Macs if the Apple does not pay $150,000 within two weeks. Members of […]
The notorious Google Project Zero hacker Tavis Ormandy discovered numerous vulnerabilities in the Chrome and Firefox extensions of the LastPass password manager. The Security expert at Google Project Zero Tavis Ormandy discovered several vulnerabilities in Chrome and Firefox extensions of the LastPass password manager that can be exploited to steal passwords. The expert also wrote PoC exploit for the flaw […]
Metasploit RFTransceiver extension implements the Hardware Bridge API that will allow organizations to test wireless devices operating outside 802.11 spec. Recently we reported the news of the availability of a new hardware bridge for Metasploit extension to test hardware, including IoT devices. We have to consider that IoT devices are pervading our day life such as into […]
The role of China (PRC) in the worldwide cyber espionage game of conditioning political life: when reserved information are brandished against the political opponent. In the days of testimony of U.S. Federal investigators about the role played during the last year by Russians, their alleged cyber operation is once again under examination. The mainstream media […]
The vendor “SunTzu583” is offering for sale over 20 million Gmail and 5 million Yahoo login credentials on the Dark Web A vendor with the online moniker “SunTzu583” is reportedly selling millions of login credentials for Gmail and Yahoo accounts on a black market in the dark web. Over 20 million Gmail accounts and 5 million […]
The McDelivery application used by McDonald’s customers in India was found to be leaking the personal data of more than 2.2 million users. McDelivery is a web application used by McDonald’s customers in India that was found to be leaking the personal information of more than 2.2 million users. The issue was discovered by researchers at security […]
After the leak of the CIA Vault7 archive, experts from CISCO warn of Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution flaw. Recently Wikileaks announced it is planning to share with IT firms details about vulnerabilities in a number of their products, the flaw are exploited by the hacking tools and […]