The French phone company Orange has been the victim of a hack that risks the personal information of 1.3 million customers. That’s 1.3 million people’s names, phone numbers, e-mails, dates of birth, and more accessed by cyber criminals. Perhaps most shocking is the fact that this hasn’t happened once– but twice this year. Orange was […]
Researchers from nominum identified a massive set of of DNS-based DDoS amplification attacks have significantly increased in the recent months, targeting vulnerable home routers globally. ( A DNS amplification attack is a reflection-based distributed denial of service (DDos) attack ) Home routers are the easiest vector of attack because […]
Author : Arun Hegde , Security Architect @arun25 Here is a quick summary about my experience at RSA Conference 2014 – San Francisco last month Highlights of RSA 2014 : Some of the highlights at this year at RSA was cloud security, mobile security ( specially for enterprise), more companies providing SIEM solutions and lot of new […]
Facebook had a long list of vulnerabilities and their Security team is incapable in dealing with the real world security. Unfortunately their mission of making the world open also aligns with Security principles as well. This is just the opinion and may not be the reality. This vulnerability still exists and the author says in […]
Dendroid, the next generation Crimeware toolkit which can convert apps to malware , is available in underground market for only $300. It also comes with a 24 hour support if you are stuck up on your way. Symantec mentioned that this is evolution of AndroRAT( first ever malware APK binder). Dendroid is a HTTP RAT that […]
One more bad news to the world of Bitcoin was announced today after Mt. Gox. “Bitcoin bank” Alberta, Canada-based Flexcoin and Bitcoin exchange Poloniex have announced that they have been targeted by hackers. The company said “As Flexcoin does not have the resources, assets, or otherwise to come back from this loss, we are closing […]
Researchers have identified a tricky Android malware spreading via facebook advertising. When Facebook is accessed from an Android device, users may see messages under Facebook adverting under “Suggested Post”. Some of the identified ads read as “WhatsApp tips like: “Want to know how to see your contacts’ chats on WhatsApp?” “Want to hide your WhatsApp […]
Researchers from Hold Security LLC,have identified more than 360 million credentials in the underground market. The details of the data is not yet publicized nor any company name is identified as per the reports. Alex Holden, CISO of Hold Security LLC, said in an interview that the data was obtained over the past three weeks. […]
Ibrahim Raafat ( @RaafatSEC ) , a Egyptian security researcher identified an vulnerability which could have potentially deleted more than 1.5 million records form its database. He further demonstrated ‘Insecure Direct Object Reference Vulnerability’ on his blog which appeared to have been fixed by Yahoo. He performed the demo with his account. The vulnerability escalated the users privilege to delete the […]
“Although EC-Council has been respected by corporations and governments, many in the in the security community don’t agree the way they certify and considered it as useless certification ” Analysts predict that Passports of more than 60,000 US military and government IT professionals at risk Hacker went by the name of Eugene Belford, claims to […]