Browsing Category: Hacks

drupal_vulnerable

Assume ‘Every Drupal 7 Site Was Compromised’ Unless Patched By Oct. 15

The maintainers of the Drupal content management system are warning users that any site owners who haven’t patched a critical vulnerability in Drupal Core disclosed earlier this month should consider their sites to be compromised.

Read more...

scada

BlackEnergy Malware Used in Attacks Against Industrial Control Systems

Attackers are using BlackEnergy malware to attack HMI software running inside industrial control systems, according to an advisory from ICS-CERT.

Read more...

IMG_1643

Cyberespionage: ‘This Isn’t a Problem That Can Be Solved’

The issue of cyberespionage is a thorny one, both technically and politically speaking, but some experts say there may not actually be a solution to the problem.

Read more...

IE 0day watering hole

Four Distinct Watering Hole Attacks Dropping ScanBox Keylogger

PwC has published research on four watering hole attacks likely carried out by different attackers, all connected by the ScanBox JavaScript-based reconnaissance tool.

Read more...

shutterstock_105196211

Russian APT28 Group Linked to NATO, Political Attacks

APT28, a Russian hacking group, has been tied to attacks against the country of Georgia, Eastern European political and military organizations, and NATO, a report from FireEye said.

Read more...

IMG_1625

Government, Industry Focusing on Issue of Resiliency

The lack of a central authority for government network security is not a new problem but it’s not necessarily a bad thing, if everyone is doing their jobs, some experts say.

Read more...

router_generic

NAT-PMP Protocol Vulnerability Puts 1.2 Million SOHO Routers At Risk

More than 1 million SOHO routers and embedded devices are vulnerable to a serious vulnerability in the NAT-PMP protocol that enables traffic hijacking and denial of service attacks.

Read more...

webloginGoogle

Google Adds Hardware Security Key For Account Protection

Google is introducing an improved two-factor authentication system for Gmail and its other services that uses a tiny hardware token that will only work on legitimate Google sites.

Read more...

dropbox1

Dropbox Denies Hack, Says ‘Your Stuff is Safe’

Dropbox officials on Monday said that a large cache of usernames and passwords posted online and alleged to have come from the company’s users are not related to Dropbox customer accounts. A spate of media reports reported yesterday that attackers had stolen several million sets of credentials from Dropbox and posted them online. The claim of[...]

Read more...

sand worm

Sandworm APT Team Found Using Windows Zero Day Vulnerability

A cyberespionage team, possibly based in Russia, has been using a Windows zero day vulnerability to target a variety of organizations in several countries, including the United States, Poland, Ukraine and western Europe.

Read more...