Imgur Confirms 2014 Breach of 1.7 Million User Accounts
Researcher Troy Hunt is credited for tipping image sharing site Imgur off to a 2014 breach of 1.7 million user accounts. Continue reading Imgur Confirms 2014 Breach of 1.7 Million User Accounts
Author Archives: Tom Spring
Newly Published Exploit Code Used to Spread Marai Variant
Qihoo 360 Netlab researchers reported on Friday that they are tracking an uptick in activity associated with what it said is a variant of the Mirai botnet. Continue reading Newly Published Exploit Code Used to Spread Marai Variant
SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’
A proof-of-concept attack demonstrates how adversaries can abuse Microsoft’s Active Directory Federation Services framework to go unnoticed and assume multiple user identities. Continue reading SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’
HP to Patch Bug Impacting 50 Enterprise Printer Models
HP said dozens of enterprise-class printer models will receive a patch for an arbitrary code execution vulnerability sometime this week. Continue reading HP to Patch Bug Impacting 50 Enterprise Printer Models
Uber Reveals Breach of 57 Million Users, Admits to Covering Up Incident
Uber CEO Dara Khosrowshahi said a 2016 data breach that exposed 57 million Uber users and subsequent payment of $100,000 to a hacker to delete data and keep it a secret is inexcusable. Continue reading Uber Reveals Breach of 57 Million Users, Admits to Covering Up Incident
Intel Patches CPU Bugs Impacting Millions of PCs, Servers
Intel released eight patches for vulnerabilities in remote management software and firmware that could allow local adversaries to elevate privileges, run arbitrary code, crash systems and eavesdrop on communications. Continue reading Intel Patches CPU Bugs Impacting Millions of PCs, Servers
US-CERT Warns of ASLR Implementation Flaw In Windows
US-CERT is warning of a vulnerability in Microsoft’s implementation of Address Space Layout Randomization that affects Windows 8, Windows 8.1 and Windows 10. Continue reading US-CERT Warns of ASLR Implementation Flaw In Windows
CENTCOM Says Massive Data Cache Found on Leaky Server is Benign
Pentagon contractor left 1.8 billion mostly benign publicly accessible social-media posts scraped from the internet on a publicly accessible Amazon storage bucket. Continue reading CENTCOM Says Massive Data Cache Found on Leaky Server is Benign
Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks
Hackers using a specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library. Continue reading Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks
Amazon Promises Fix for Wireless Key Hack
Amazon said it will offer a fix for its Amazon Key delivery service that allows hackers to tamper with a home security camera. Continue reading Amazon Promises Fix for Wireless Key Hack