A website recommended by large portions of the UK’s police forces has fixed a privacy bug that provided a “shopping list for burglars” after being tipped off to the exploit by a security researcher, reports the BBC.
The post Police recommended UK security firm fixes ‘shopping list for burglars’ appeared first on We Live Security.
This is a perl script to bruteforce logins on WordPress.
While phishing-related malware is still mostly Windows targeting, attacks that rely purely on social engineering and fake web sites might be delivered by any platform, including smartphones and tablets. The more cautious you are, the better informed you are, and the more you think before you click, the more chance you have of leaving phishing craft stranded.
The post Phish Allergy – Recognizing Phishing Messages appeared first on We Live Security.
Are you familiar with the name ‘Guardians of Peace’? This is a new hacker group that has been gaining notoriety over the last few weeks.
Everything began when the hacking group sent Sony a disturbing message threatening the company with leaking large amounts of confidential data unless a series of requests were met.
Shortly after this, the Guardians of Peace started publishing all sorts of documents, files and confidential data belonging to Sony. Unreleased movies, information about executive salaries, emails from the company’s lawyers, employee workplace complaints, movie scripts and even the phone numbers of Hollywood celebrities were among the nearly 100 terabytes of data stolen by the hacker collective through a piece of malware called Destover.
The mystery has since grown larger… Who is behind the Sony attack? Who are the so-called Guardians of Peace and what’s their reason for attacking Sony?
US authorities believe the attacks originated from North Korea. One of the group’s demands was the cancellation of the planned release of the film ‘The Interview‘, a comedy about a plot to assassinate North Korean leader Kim Jong-un.
However, North Korea has repeatedly denied any involvement in the hack attack, and the Guardians of Peace have posted new messages mocking the FBI’s investigation.
Various theories are emerging surrounding the attack. Despite North Korea is still the prime suspect, there is also speculation linking the attack to a possible Sony insider, a group of disgruntled former employees or even a marketing campaign orchestrated by Sony itself to promote ‘The Interview’.
Some theories even claim that this is nothing but a campaign designed by the US government to find itself a new enemy and thus justify the mass spy operations carried out through agencies such as the NSA
Incidents like this, combined with the alleged hack of the Play Station and Xbox online services during Christmas, and the constant rumors of Internet leaks, certainly make you wonder if we are not really in the middle of a cyber-war between powers…
Despite the mystery surrounding the attack, the truth is that Sony decided to cancel the premiere of ‘The Interview’ for security reasons (after receiving threats against the company’s employees and their families), and the cyber-attacks have exposed the frailties of the security measures implemented by one of the largest entertainment companies in the world.
The post Who are the Guardians of Peace? A new hacker group is on the loose appeared first on MediaCenter Panda Security.
Release Date: January 8, 2015
Updated: January 8, 2015 (Affected Versions, Severity)
Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
Affected Versions: 2.0.0
Vulnerability Type: Improper Authentication
Severity: Critical
Suggested CVSS v2.0: AV:N/AC:L/Au:N/C:P/I:P/A:N/E:F/RL:OF/RC:C
Problem Description: The extension insufficiently authenticates an user against LDAP/AD.
Solution: Updated version 2.0.1 is available from the TYPO3 extension manager and at http://typo3.org/extensions/repository/download/ig_ldap_sso_auth/2.0.1/t3x/.
Credits: Credits go to Stefan Kaifer who discovered the vulnerability.
General advice: Follow the recommendations that are given in the TYPO3 Security Guide. Please subscribe to the typo3-announce mailing list to receive future Security Bulletins via E-mail.
A flurry of news concerning Netflix in recent days has presumably motivated this recent phishing attempt, as scammers continue to pursue current events and breaking news stories to attract victims.
In the email is a red button “CLICK HERE TO VERIFY YOUR ACCOUNT” that leads directly to a replica Netflix login page, as well as pages that ask for personal details including Credit Card information.
Unsuspecting Netflix customers who are tricked into this process will not only divulge their account password (which they may have used elsewhere), but may also have their credit card details stolen and used for fraudulent purchases.
If you do receive a Netflix phishing email you should report it officially to Netflix by forwarding the message to [email protected]. Further information about keeping your Netflix account secure can be found here.
Until next time, stay safe out there.
News emerged recently that Apple has been challenged about storage on their iOS devices.
According to news sources, Apple has come under fire for the size of their latest operating system iOS8 which can apparently occupy up to 23.1% of the devices total storage.
On top of this, the upgrade from iOS 7 to iOS 8 alone can take up more than 1.3 Gigabytes of storage space.
While the storage statistics for iOS 8 might be surprising, it’s important that iPhone and iPad users realize that often their storage can be taken up by multiple unnecessary files and not just operating system files.
Operating systems are not the only files that bloat and grow over time; in fact it’s quite common for updates to systematically increase an app’s footprint on our devices as new features and enhancements are added
That’s why it’s very important to regularly clean out your mobile device, get rid of unwanted or unneeded files and apps and create space for the things you really want.
To help you do this, AVG has developed iOS Cleaner as part of the AVG PC TuneUp performance suite. iOS Cleaner can help you reclaim back valuable storage space on your iPhone or iPad devices by locating and removing duplicate files and unnecessary clutter and temporary files.
We’ve also prepared this easy to follow guide to help you get started.
[security bulletin] HPSBMU03118 rev.3 – HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities
[SECURITY] [DSA 3120-1] mantis security update
Self-XSS in Microsoft Dynamics CRM 2013 SP1
