Archives for 

Security Research

Thousands of medical systems are exposed to widespread cyber-attacks – Derbycon

Recent reports presented by Scott Erven and Mark Collao at Derbycon have revealed that thousands of medical systems are exposed to widespread cyber-attacks. The researchers reported that a giant U.S. medical organization with 12,000 staff and 3,000 physicians has over 68,000 systems that are vulnerable. The researchers indicate that this is just the tip of […]
Share Button
Continue reading →

An exploit can completely bypasses Mac’s malware Gatekeeper

Gatekeeper is the security feature of Mac OS X that protects users from malicious applications and code execution on their Mac computers. It warns Mac users from installing unsigned apps or the ones downloaded through an unencrypted connection. Gatekeeper does an efficient job of preventing the installation of Trojans and applications with malicious codes. However, […]
Share Button
Continue reading →

50 million users users impacted by WINRAR bug

On 28th September 2015, a vulnerability was detected in WinRAR SFX v5.21. It is the latest version of WinRAR, a commonly used file compression tool. Attackers can exploit the vulnerability and compromise a computer with WinRAR installed on it. The bug is in the “text and icon function” under the module “Text to display in […]
Share Button
Continue reading →

Smartphone browsers can deliver powerful DDoS attack with 4.5billion requests causing Flood Attack

One of the most malicious attacks that can ever be launched on a website is being flooded with multiple requests that it cannot handle, otherwise known as DDoS’es. According to internet security researchers, this nightmare may have recently become a reality after one site was targeted in such a manner with an aim of overwhelming […]
Share Button
Continue reading →

Two new Point of Sale malware targeted on Small and Medium Business in the United States

Two new malwares that affect point of sale (PoS) machines have been detected by the researchers at Trend Micro. The malware have been affecting small and medium sized businesses or SMBs, primarily in the United States. These two malwares have been named Katrina and CenterPoS by their developers. Trend Micro researchers had earlier reported PoS […]
Share Button
Continue reading →

Western Digital My Cloud NAS can be hijacked using Command Injection and CSRF – VerSprite

WD My Cloud or Western Digital My Cloud is an efficient Network Attached Storage system. The objective of the WD My Cloud NAS is to provide a cloud storage system for private applications such as home based cloud storage or a small business storage. The data on this private cloud can be accessed by the […]
Share Button
Continue reading →

Google Chrome can be crashed with 16 characters

If you use Google Chrome 45 or any of the older versions, it can crash by simply typing a 16 character URL. The bug was first detected by Andris Atteka who reported it to Google, but he was not rewarded since it is not a security issue but a DOS vulnerability. The issue reported by […]
Share Button
Continue reading →

XcodeGhost malware infects Apple’s App Store infecting 100’s of apps,scares security experts

A malware has always been a major threat to devices, data and user accounts; but the threat increase manifold when a malware is more subtle and deep rooted like the one in an app creation tool! Such threats are real and already exist. XcodeGhost is an example of such malware. The counterfeit Xcode, termed as […]
Share Button
Continue reading →

Blue Termite – An APT with sophisticated Cyber Espionage campaign targeting Japan

An Advanced Persistent Threat termed Blue Termite has targeted several Japanese companies since November 2013. Antivirus major Kaspersky Lab started working on the APT in the month of October 2014. Although the instance is not unprecedented, it is the first time that an APT has targeted Japanese companies that have their Client to Server (C2S) […]
Share Button
Continue reading →

Chevrolet Corvette can be hacked by using a text message via tracking dongle( insurance dongle)

  Researchers from University of California, San Diego have demonstrated to hack Corvette by sending specially crafted SMS messages to a tracking dongle plugged to the car’s OBD-II (On-Board Diagnostics port). In a youtube video ( below) demonstrating the exploit, the researchers operated the windshield wipers,  applied and deactivated the brakes at lower speeds. ( Dongle is a […]
Share Button
Continue reading →