DDoS Attack on Dyn DNS and Level3 Outages

Twitter, Reddit, Spotify, PSN, XBox, Netflix, Github, PayPal and bunch of other websites were offline earlier today. That’s because someone conducted a massive distributed denial of service (DDoS) attack on the Dyn DNS, a world renowned Domain Name Servers (DNS) service provider. You can read the most recent status messages at DynDNS. So far there [...]

By |2016-10-21T18:50:13-05:00October 21st, 2016|Categories: Attacks, Security|Tags: , , , , , |0 Comments
Read More

Attack Allows OS X Malware To Piggyback On Your Webcam

Security researcher Patrick Wardle of Synack has discovered a new potential use of malware that targets the use of the Mac OS X webcam. This new attack allows OS X malware to record video and audio whenever a victim legitimately turns on their webcam, without drawing attention to itself. As you can see in the [...]

By |2016-10-16T15:53:23-05:00October 6th, 2016|Categories: Attacks, Malware, Security|Tags: , , , , , , , , , |0 Comments
Read More

Linux Trojan Linux.Mirai Source Code Leaked

The malicious program first appeared in May 2016, detected by Doctor Web after being added to its virus database under the name Linux.DDoS.87 and Linux.DDoS.89. The Trojan can work with with the SPARC, ARM, MIPS, SH-4, M68K architectures and Intel x86 computers. It has similar features as Linux.BackDoor.Fgt, a backdoor that was found infecting Linux [...]

By |2016-10-16T15:53:30-05:00October 3rd, 2016|Categories: Attacks, Malware, Security|Tags: , , , , , , , , , , , , |0 Comments
Read More

Attack Leverages Windows Safe Mode

Researchers at CyberArk have published a proof-of-concept attack that leverages Windows Safe Mode to expose credentials and gain further access to a PC or Windows Servers. They first discovered this attack back in February and even reported it to the Microsoft Security Response Center who said it was not a valid vulnerability. An attacker would [...]

By |2016-10-16T15:53:49-05:00September 15th, 2016|Categories: Attacks, Security|Tags: , , , |0 Comments
Read More

JAMF Could Allow For MITM Attack

JAMF Software has a number of solutions for fleet management of Apple products, including their own Apple MDM. The issue discussed in this post applies to the self-hosted JAMF Casper Suite and deploying a JSS. This suite of tools includes software that will help track inventory, manage devices, implement security policies, and deployment of software [...]

By |2016-10-16T15:53:53-05:00September 12th, 2016|Categories: Attacks, Security|Tags: , , , , , , , , , , |0 Comments
Read More

Modified USB Ethernet Adapter Can Steal Windows and Mac Credentials

A security researcher by the name of Rob Fuller has posted an article on Softpedia where he has discovered a unique attack method that can steal PC credentials from Windows and Mac computers, and possibly Linux (currently untested). He used USB ethernet adapters where he modified the firmware code so that it runs special software [...]

By |2016-10-16T15:53:58-05:00September 7th, 2016|Categories: Attacks, Security|Tags: , , , |0 Comments
Read More

Sweet32 Attacks Against Triple-DES (3DES) and Blowfish

Legacy ciphers such as triple-DES (3DES) and Blowfish are vulnerable to Sweet32 attacks, which let attackers decrypt HTTPS sessions even without the encryption key. Security researchers were able to use a Sweet32 attack and take authentication cookies from HTTPS-protected traffic using triple-DES (3DES) and Blowfish and recover login credentials to be able to access to [...]

By |2016-10-16T15:54:09-05:00August 25th, 2016|Categories: Attacks, Security|Tags: , , , , , , |0 Comments
Read More