Michael Mimoso – Page 7 – WindowsTechs.com

Verizon Wireless Internal Credentials, Infrastructure Details Exposed in Amazon S3 Bucket

Posted on September 22, 2017 by Michael Mimoso

Verizon is the latest company to leak confidential data through an exposed Amazon S3 bucket. Continue reading Verizon Wireless Internal Credentials, Infrastructure Details Exposed in Amazon S3 Bucket→

Samba Update Patches Two SMB-Related MiTM Bugs

Posted on September 22, 2017 by Michael Mimoso

Samba released three security updates, including two related to SMB connections that could be abused by an attacker already on the network to hijack connections and manipulate traffic or data sent from a client. Continue reading Samba Update Patches Two SMB-Related MiTM Bugs→

Joomla Patches Eight-Year-Old LDAP Injection Vulnerability

Posted on September 21, 2017 by Michael Mimoso

Joomla on Tuesday patched a critical LDAP injection vulnerability that had lingered in the content management system for eight years. Attackers could use this bug to steal admin login credentials. Continue reading Joomla Patches Eight-Year-Old LDAP Injection Vulnerability→

Deep-Learning PassGAN Tool Improves Password Guessing

Posted on September 20, 2017 by Michael Mimoso

A deep-learning network known as a GAN has been applied to passwords, and a tool called PassGAN significantly improves the ability to guess user passwords over tools such as Hashcat or John the Ripper. Continue reading Deep-Learning PassGAN Tool Improves Password Guessing→

iOS 11 Update includes Patches for Eight Vulnerabilities

Posted on September 19, 2017 by Michael Mimoso

Apple released a number of patches, including a security update for iOS 11, which is available today. Continue reading iOS 11 Update includes Patches for Eight Vulnerabilities→

Risks Limited With Latest Apache Bug, Optionsbleed

Posted on September 19, 2017 by Michael Mimoso

The risks surrounding the latest Apache bug, called Optionsbleed, are limited given it can only be attacked under certain conditions. Apache, and many Linux distributions, have patched the flaw. Continue reading Risks Limited With Latest Apache Bug, Optionsbleed→

IDN Homograph Attack Spreading Betabot Backdoor

Posted on September 6, 2017 by Michael Mimoso

An IDN homograph attack leveraging Adobe’s brand has been discovered, with the malicious site spreading the Betabot backdoor Continue reading IDN Homograph Attack Spreading Betabot Backdoor→

WireX Variant Capable of UDP Flood Attacks

Posted on September 6, 2017 by Michael Mimoso

F5 Labs has detected a WireX variant capable of launching UDP flood DDoS attacks. Continue reading WireX Variant Capable of UDP Flood Attacks→

Military Contractor’s Vendor Leaks Resumes in Misconfigured AWS S3

Posted on September 5, 2017 by Michael Mimoso

Thousands of resumes and job applications from U.S. military veterans, law enforcement, and others were leaked by a recruiting vendor in an unsecured AWS S3 bucket. Continue reading Military Contractor’s Vendor Leaks Resumes in Misconfigured AWS S3→

US Government Site Was Hosting Ransomware

Posted on September 1, 2017 by Michael Mimoso

As recently as Wednesday afternoon, a U.S. government website was hosting a malicious JavaScript downloader that led victims to installations of Cerber ransomware. The malware link has since been taken down. Continue reading US Government Site Was Hosting Ransomware→