log4j Vulnerability Information – log4shell – CVE-2021-44228
Log4j is a Java library for logging error messages in applications and is a critical security vulnerability with a severity score of 10 out of 10. The high score …
Category: Attacks
DDoS Attack on Dyn DNS and Level3 Outages
Twitter, Reddit, Spotify, PSN, XBox, Netflix, Github, PayPal and bunch of other websites were offline earlier today. That’s because someone conducted a massive distributed denial of service (DDoS) attack …
Attack Allows OS X Malware To Piggyback On Your Webcam
Security researcher Patrick Wardle of Synack has discovered a new potential use of malware that targets the use of the Mac OS X webcam. This new attack allows OS …
Linux Trojan Linux.Mirai Source Code Leaked
The malicious program first appeared in May 2016, detected by Doctor Web after being added to its virus database under the name Linux.DDoS.87 and Linux.DDoS.89. The Trojan can work …
Attack Leverages Windows Safe Mode
Researchers at CyberArk have published a proof-of-concept attack that leverages Windows Safe Mode to expose credentials and gain further access to a PC or Windows Servers. They first discovered …
JAMF Could Allow For MITM Attack
JAMF Software has a number of solutions for fleet management of Apple products, including their own Apple MDM. The issue discussed in this post applies to the self-hosted JAMF …
Modified USB Ethernet Adapter Can Steal Windows and Mac Credentials
A security researcher by the name of Rob Fuller has posted an article on Softpedia where he has discovered a unique attack method that can steal PC credentials from …
Sweet32 Attacks Against Triple-DES (3DES) and Blowfish
Legacy ciphers such as triple-DES (3DES) and Blowfish are vulnerable to Sweet32 attacks, which let attackers decrypt HTTPS sessions even without the encryption key. Security researchers were able to …