Posts Tagged ‘Cyber Security 2015’

[Cyber Security 2015] Critical Vulnerability in Microsoft Internet Explorer

Posted: August 19, 2015 in IT Security News
Tags: , , , , , ,
4

Internet Explorer vulnerabilitiesMicrosoft has corrected zero-day vulnerability in Internet Explorer

The flaw allows an attacker to gain complete control over the target device.

Microsoft has released an update that corrects zero-day vulnerability in Internet Explorer of versions 7-11 (this flaw does not appear to be present in new Microsoft Edge). The Critical Hole CVE-2015-2502 allows an attacker to remotely execute code on the target device.

According to Microsoft, the remote user can use a specially created a web-site to compromise a vulnerable system. The vulnerability is caused due to a memory corruption error when handling certain objects. (more…)

Cyber Security 2015: The Hacking Team Hacking – Latest news

Posted: July 15, 2015 in IT Security News
Tags: , , , , , , ,
1

Hacking Team hackedHacking news 2015: The Hacking Team Hacking – Latest news

Recall, July 5, unknown hackers have broken into the computer network of the company and abducted more than 400 GB of corporate data.

Stolen information includes corporate documents, source code, and even, as it became known, a few exploits for zero-day vulnerability in Adobe Flash. Also, hackers managed to hack the official Hacking Team account in Twitter.

Hacking Team’s CEO David Vincenzetti issued a new statement promising that the company plans to deliver the recovered version of Galileo Remote Control System (Galileo, is the advanced and sophisticated spyware tool) and internal infrastructure to replace products that have been compromised in the cyber attacks. (more…)

Cyber Security 2015: Hacking Team hacked (Related Articles of the Week)

Posted: July 8, 2015 in IT Security News
Tags: , , ,
2

Hacking Team hackedHacking of a spy cyber security firm “The Hacking Team”: Most Interesting articles

Here we provide 10 the most interesting and informative articles related to major hacking of a spy cyber security firm “The Hacking Team”.

The Italian company, Hacking Team is among a handful of companies that offer surveillance tools to law enforcement around the world. The Italian company is well-known for its controversial operations, helping governments and various intelligence agencies spy on citizens.

Hacking Team says its tools enable investigators to obtain information even if targets encrypt their communications to protect them.

5th July 2015, this Italian cyber security firm has itself become the victim of a hacking attack. (more…)

New Dangerous Critical Vulnerability in CMS Drupal

Posted: June 19, 2015 in Vulnerability News
Tags: , , , , ,
0

Drupal vulnerabilitiesDangerous vulnerability has been fixed in Drupal. The most serious issue outlined in the advisory (CVE-2015-3234) allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts.

The victim must have an account in a certain OpenID-providers for a successful attack.

Vulnerabilities identified in the module OpenID, allows a potential attacker to log in as an administrator. However, for a successful attack the victim must have an account associated with the OpenID-providers (for example: Verisign, LiveJournal, StackExchange, and some other). (more…)

Cybersecurity threats 2015: Four new vulnerabilities in the Cisco products

Posted: April 9, 2015 in IT Security News
Tags: , , , ,
0

cisco company logoFour new vulnerabilities in the Cisco products

Four Cisco security products are vulnerable to the DDoS and XSS attacks. Four new vulnerabilities have been found in the Cisco products.

Affected Products:

  • Nexus 9000 Series Switches (CVE-2015-0686 DDoS vulnerability)
  • Catalyst 4500 Series (CVE-2015-0687 DDoS vulnerability)
  • Aggregation Services Routers (CVE-2015-0688 DDoS vulnerability)
  • Wireless LAN Controller (CVE-2015-0690 XSS vulnerability)

(more…)

New BlackArch – an Arch Linux-based distribution for penetration testers and security researchers

Posted: March 31, 2015 in IT Security News
Tags: , , , , ,
0

BlackArch Linux logoPresented new BlackArch Linux ISOs & installer, specialized distribution for security researchers and penetration testers.

Distribution built on Arch Linux packet-based and includes over 1200 security-related utilities. Supported Projects package repository is compatible with Arch Linux, and can be used in conventional plants Arch Linux.

Distribution supports assemblies for architectures: i686, x86_64, armv6h and armv7h. New BlackArch Live ISO size: 3.6 GB. As graphic environments have a choice of window managers: dwm, fluxbox, openbox, awesome, wmii, i3 and spectrwm. (more…)

A critical remote vulnerability in Samba, which provides root-access to the server

Posted: February 24, 2015 in Vulnerability News
Tags: , , ,
0

Hole in LinuxCVE-2015-0240: A critical remote vulnerability in Samba

Employees MSVR (Microsoft Vulnerability Research) discovered a critical vulnerability the Samba daemon (smbd).

In unplanned releases of Samba 4.1.17, 4.0.25 and 3.6.25 fixed a critical vulnerability (CVE-2015-0240), which can be used to initiate the execution of code on the server side.

Danger problem compounded by the fact that the vulnerability can be exploited without an authentication – to carry out the attack enough send a few specially designed anonymous netlogon-packets on the network port SMB / CIFS of the server. Since by default, smbd daemon runs under root privileges, in the case of a successful attack the attacker can gain root-access to the server. (more…)