Targeted attacks using multiple attack vectors including email and watering hole sides has been discovered. The state-sponsored attacks targeted Indian diplomatic and military personnel originating from that Pakistan region, researchers said.
Tag Archives: Vulnerabilities
Weak Bank Password Policies Leave 350 Million Vulnerable, Say Researchers
Researchers claim major banks are implementing poor password policies and leaving customers vulnerable to brute force “key-search” attacks.
OpenSSL Operating With Renewed Vision Two Years After Heartbleed
At the RSA Conference, nearly two years after Heartbleed, members of OpenSSL’s Development Team described some benefits the nasty bug afforded them.
DROWN Flaw Exposes 33 Percent Of HTTPS Connections To Attack
The latest Internet-wide crypto vulnerability has arrived in DROWN, which can be abused by attackers to carry out man-in-the-middle attacks and decrypt traffic.
Hospital Security Fail: Report Outlines Dangerous Shortcomings
In a scathing report that looks at the current state of hospital security, researchers say everything from bedside patient monitoring systems, automated drug dispensing machines to patient records are inadequately protected.
Total Recall: Troy Hunt Breaks Down His Nissan Hack
Researcher Troy Hunt explains how his hack of a Nissan Leaf works, and his experience disclosing the issue to the carmaker.
Drupal Update Fixes 10 Vulnerabilities, One Critical
Drupal addressed 10 vulnerabilities in the CMS this week, including a critical access bypass issue and another issue that could lead to remote code execution.
FTC And Asus Settle Router Security Case
The U.S. Federal Trade Commission announced a settlement with ASUSTeK Computer over sloppy security settings tied to its routers.
Operation Blockbuster Coalition Ties Destructive Attacks to Lazarus Group
A group of security companies today published evidence linking the Sony hack, Dark Seoul and Operation Troy to the Lazarus Group.
Joomla Sites Join WordPress As TeslaCrypt Ransomware Target
Joomla is the newest prey of attackers behind a campaign that has targeted WordPress websites by injecting JavaScript files with malicious code.