Extreme Hacking

We work in Dark, to serve the Light

Home » Page 4

When 2FA means sweet FA privacy: Facebook admits it slurps mobe numbers for more than just profile security

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: The Register

Another week, another Facebook privacy storm.

This time, the Silicon Valley giant has been caught red-handed using people’s cellphone numbers, provided exclusively for two-factor authentication, for targeted advertising and search – after it previously insinuated it wouldn’t do that.

Folks handing […]

By |March 5th, 2019|Cyber News|

McAfee: Oops, our bad. Sharpshooter malware was the Norks’ Lazarus Group the whole time

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credit: The Register

McAfee (the antivirus firm, not John the dodgy “playboy”) reckons the Sharpshooter malware campaign it uncovered in late 2018 is the work of North Korean hacking crew the Lazarus Group.

Thanks to data from a command-and-control server that was “provided to […]

By |March 5th, 2019|Cyber News|

WinRAR versions released in the last 19 years impacted by severe security flaw

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Zdnet

WinRAR, one of the world’s most popular Windows file compression applications, has patched last month a severe security flaw that can be abused to hijack users’ systems just by tricking a WinRAR user into opening a malicious archive.

The vulnerability, discovered […]

By |March 4th, 2019|Cyber News|

Banks risk $350bn loss to cyber-attacks — IMF

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: ABC News

IMF Managing Director, Christine Lagarde disclosed this while making the call for better regulation of the banking system as a requirement for building a safer, more sustainable and ethically sound financial sector.

Speaking in London on Thursday while delivering in […]

By |March 4th, 2019|Cyber News|

Running Elasticsearch 1.4.2 or earlier? There’s targeted malware going for your boxen

 

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

 

Credits: The Register

Cisco’s security limb has spotted nefarious people targeting Elasticsearch clusters using relatively ancient vulns to plant malware, cryptocurrency miners and worse – though it does root out some other cybercrims’ dodgy wares, cuckoo-style.

“These attackers are targeting clusters using versions […]

By |March 3rd, 2019|Cyber News|

Web hacker ‘Alfabeto Virtual’ thrown in the clink for 3 months by US judge who wanted to ‘send a message’

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: ABC News

A US judge this week sentenced website hacker Billy Anderson to three months behind bars, refusing his lawyer’s request not to put him in jail, in order to “send a message” to others.

Anderson, 42, of Torrance, California, targeted thousands […]

By |March 3rd, 2019|Cyber News|

Qbot malware’s back, and latest strain relies on Visual Basic script to slip into target machines

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: ABC News

A new version of the decade-old banking credential-stealing Qbot malware is doing the rounds, according to infosec firm Varonis.

The latest version, spotted after an unfortunate customer’s systems were infected, retains the anti-analysis polymorphism features of the original, Varonis researchers […]

By |March 3rd, 2019|Cyber News|

In the cloud, things aren’t always what they SIEM: Microsoft rolls out AI-driven Azure Sentinel

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: The Register

RSA Microsoft has wheeled out two new enterprise security tools – Azure Sentinel, a cloud-based SIEM, and Microsoft Threat Experts, an infosec advice-as-a-service bundled with a panic button.

The two services are part of Redmond’s ongoing invasion of the cloud security market. […]

By |March 3rd, 2019|Cyber News|

Did you hear the one about Cisco routers using strcpy insecurely for login authentication? Makes you go AAAAA-AAAAAAArrg *segfault*

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: ABC News

Cisco has patched three of its RV-series routers after Pen Test Partners (PTP) found them using hoary old C function strcpy insecurely in login authentication function. The programming blunder can be exploited to potentially hijack the devices.

PTP looked at how the […]

By |March 3rd, 2019|Cyber News|

Kerala Cyberdome, Dubai police tie up on cyber security

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Deccan Chronical 

The Kerala Cyberdome has decided to cooperate with Dubai police in cyber security. The two sides reached an agreement on sharing the information about those who are engaged in criminal activities on social media, said Police Cyberdome chief Manoj […]

By |March 3rd, 2019|Cyber News|