• Beranda /
• Peringatan Ancaman Keamanan

Unknowns are cloning and booby trapping hundreds of Dark Web sites

• Kamis, 09 Jul 2015
• Penulis: Pierluigi Paganini, Security Affairs

Founder of the ahmia.fi project reported that someone is cloning and booby trapping hundreds of Dark Web sites and is re-writing some of the content. .....

Three New Masque Attacks against iOS: Demolishing, Breaking and Hijacking

• Kamis, 09 Jul 2015
• Penulis: Zhaofeng Chen, Tao Wei, Hui Xue, Yulong Zhang, Fireeye Inc.

In the recent release of iOS 8.4, Apple fixed several vulnerabilities including vulnerabilities that allow attackers to deploy two new kinds of Masque Attack (CVE-2015-3722/3725, and CVE-2015-3725). .....

Win32/Lethic Botnet Analysis

• Kamis, 09 Jul 2015
• Penulis: Shaman Vilen, Infosec Institute

Lethic is a spam botnet consisting of an estimated 210 000 – 310 000 individual machines which are mainly involved in pharmaceutical and replica spam. At the peak of its existence, the botnet was responsible for 8-10% of all the spam sent worldwide. ...

Evasion Techniques Keep Angler EK’s Cryptowall Business Thriving

• Kamis, 09 Jul 2015
• Penulis: Michael Mimoso, Threat Post (Kaspersky Lab Blog)

The Angler Exploit Kit is turning into a model for malware rapidly integrating new evasion techniques. ....

Plex Forums Hacked, Private Messages Exposed

• Kamis, 09 Jul 2015
• Penulis: Ionut Ilascu, Softpedia

Card data not exposed, passwords hashed and salted Registered users of the Plex media server forums have received an email from the company today informing of a breach that exposed private data tied to accounts.

SCADA systems available for sale in the Underground

• Rabu, 08 Jul 2015
• Penulis: Pierluigi Paganini, Security Affairs

The new Dell Annual Threat Report revealed that the number of attacks against supervisory control and data acquisition (SCADA) systems doubled in 2014 respect the previous year.

Reversing Prince Harming’s kiss of death

• Senin, 06 Jul 2015
• Penulis: Fg, reverse.put.as Blog

The suspend/resume vulnerability disclosed a few weeks ago (named Prince Harming by Katie Moussouris) turned out to be a zero day. While (I believe) its real world impact is small, it is nonetheless a critical vulnerability and (another) spectacular failure from Apple.

Drupal plugs critical vulnerability leaving thousands of websites open to attack

• Senin, 06 Jul 2015
• Penulis: Alastair Stevenson, V3.co.uk

Open source content management system (CMS) service Drupal has rushed out a wave of security updates plugging flaws that leave numerous businesses and government departments open to attack.

NSA and GCHQ target security firm including Kaspersky

• Senin, 06 Jul 2015
• Penulis: Pierluigi Paganini, Security Affairs

The list of companies hacked by the intelligence agencies is long and includes prestigious names like Kaspersky Lab, F-Secure, ESET, Avast, BitDefender, AVG, and Checkpoint.

Critical vulnerabilities in Windows and Adobe Reader exposed by hacker

• Jumat, 03 Jul 2015
• Penulis: Karl Thomas, welivesecurity

A hacker has published an extensive list of Adobe Reader and Windows vulnerabilities based on his research into a relatively obscure area of font management.