Collaborate Disseminate
Yesterday, the Department of Homeland security issued an emergency directive with the subject, “Mitigate DNS Infrastructure Tampering” and ordering the federal agencies to comply with these in order to secure login credentials for their int… Continue reading US Department of Homeland security releases an ‘emergency directive’ to combat DNS tampering
Last week, the researchers at PEAR ( PHP Extension and Application Repository) reported a security breach on PEAR’s web server, http://pear.php.net. They found that the go-pear.phar was breached. Following this, the PEAR website itself has been d… Continue reading PEAR’s (PHP Extension and Application Repository) web server disabled due to a security breach
The tech industry is changing at a massive rate especially after the storage options moved to the cloud. However, this has also given rise to questions on security, data management, change in the work structure within an organization, and much more. Wo… Continue reading Wolf Halton on what’s changed in tech and where we are headed
Bo Weaver, a Kali Linux expert shares his thoughts on the security landscape in the cloud. He also talks about the skills gap in the current industry and why hiring is a tedious process. He explains the pitfalls in software development and where the te… Continue reading Bo Weaver on Cloud security, skills gap, and software development in 2019
The recent data breach in MEGA, a popular cloud service, leaked about 87GB of data including 772,904,991 unique email addresses and over 21 million unique passwords and distributed in a folder dubbed “Collection #1” by hackers. This breach … Continue reading Collection #1: 773 million email IDs compromised on a popular cloud storage; security researcher reports
On Tuesday, the Securities and Exchange Commission (SEC) at Oklahoma charged nine defendants who participated in a previously disclosed scheme to hack into SEC’s EDGAR corporate filing system and extracted nonpublic information for use in illegal… Continue reading SEC’s EDGAR system hacked; allowing hackers to allegedly make a profit of $4.1 million via insider trading
ES File Explorer, one of the popular file managing apps, has been exposed with a hidden web server running in the background, leaving the door open for anyone to easily access data on the device just with a simple script. A French security researcher, … Continue reading The popular ES File Explorer allegedly has an open port vulnerability that exposes Android device data
The Ethereum developers announced yesterday that they are pulling back the Constantinople Hard Fork Upgrade after a vulnerability that could allow hackers to steal users’ funds was reported. This upgrade was scheduled to launch today, January 16t… Continue reading Ethereum community postpones Constantinople, post vulnerability detection from ChainSecurity
Pwn2Own, run by Trend Micro’s Zero Day Initiative, is one of the industry’s toughest hacking contests. Started in 2007, Pwn2Own has become a platform for white hats to test their skills against various types of software and winners have bee… Continue reading Pwn2Own Vancouver 2019: Targets include Tesla Model 3, Oracle, Google, Apple, Microsoft, and more!
Project Alias is an open-source, ‘teachable’ parasite that gives users increased control over their smart home assistants in terms of customization and privacy. It also trains the smart home devices to accept custom wake-up names while dist… Continue reading Google Home and Amazon Alexa can no longer invade your privacy; thanks to Project Alias!