Apple has patched a remote code execution vulnerability in its AirPort base stations, AirPort Express, AirPort Extreme and AirPort Time Capsule.
Tag Archives: Web Security
GoToMyPC Suffers Major Password Reuse Attack
Citrix Systems is forcing all its GoToMyPC remote desktop access service customers to reset their passwords because of a “very sophisticated attack” that targeted the service over the weekend.
xDedic Scope May Be Larger Than Originally Thought
New data shared with Kaspersky Lab could enlarge the scope of the xDedic marketplace of hacked servers.
Acer Ecommerce Site Spills Credit Card Information of Thousands
Taiwanese electronics company Acer sent letters to customers indicating that some of their financial information – credit card data included – may have been accessed over the last year.
Patrick Wardle on macOS Gatekeeper, Crypto Enhancements
At last week’s Apple Worldwide Developer Conference, Apple announced some security upgrades around Gatekeeper and a new filesystem that includes native support for encryption. Mac hacker Patrick Wardle, director of research at Synack, explains whether this a big deal and how the upgrades address some problems he’d disclosed to Apple.
Threatpost News Wrap, June 17, 2016
Mike Mimoso and Chris Brook discuss the news of the week, including a password issue at Github, the xDedic marketplace, and another Flash zero day.
Breached Credentials Used to Access Github Repositories
Password reuse strikes GitHub users, some of whom will have to reset their credentials after unauthorized attempts were made to access a large number of GitHub accounts.
ScarCruft APT Group Used Latest Flash Zero Day in Two Dozen Attacks
The ScarCruft APT gang has made use of a Flash zero day patched Thursday by Adobe to attack more than two dozen high-profile targets in Russia and Asia primarily.
Inside the xDedic Hacked Server Marketplace
The xDedic market provides hackers with an affordable place to buy access to hacked servers in order to quickly mount better attacks.
Cisco Won’t Patch Critical RV Wireless Router Vulnerability Until Q3
Cisco said its RV wireless routers and firewalls are vulnerable to remote code execution at root level. A Q3 2016 firmware update will patch the flaw.