January 2017 – Page 22 – Computer Security Articles

Vulnerability Summary The following advisory describes three (3) vulnerabilities that allow to an attacker to gain unauthenticated remote code execution. EasyIO provides products for Building Energy Management Systems. Low costs, high energy savings. The three vulnerabilities found in EasyIO include: Unauthenticated remote code execution Unauthenticated database file download Authenticated directory traversal vulnerability The vulnerability affected … Continue reading SSD Advisory – EasyIO Multiple Vulnerabilities →

Independent Securiteam

January 23, 2017 admin

Security conferences – Survival guide 2017 Q1

We have some few more days until the end of the year (2016) but it’s time to open the calendar and get ready for 2017(!). We will try publish every quarter the main security conferences* We have gathered the following information for you for each conference: Dates Place Link to official conference website Ticket price … Continue reading Security conferences – Survival guide 2017 Q1 →

Independent Securiteam

January 23, 2017 admin

HITCON Taiwan 2016

On the 1-2 December 2016 we had the honor for the first time to sponsor HITCON and visit Taiwan. Our adventure started in November 30th when Noam and I landed in Taipei and we had half a day to sightseeing and set up our booth at the conference hall. In the evening we were invited … Continue reading HITCON Taiwan 2016 →

Security Wired

January 23, 2017 admin

The New iOS Update Fixes Big Security Holes, So Get It Now

Apple just released an iOS update full of security fixes that you need to jump on. The post The New iOS Update Fixes Big Security Holes, So Get It Now appeared first on WIRED.

Security TrendMicro

January 23, 2017 admin

Pwn2Own™ Returns for 2017 to Celebrate 10 Years of Exploits

Hackers make online life difficult. We are nine weeks away from Pwn2Own™ 2017 returning to CanSecWest, which is celebrating its 10th anniversary this year. A lot has changed in the world since the first Pwn2Own in 2007. The computing space has changed drastically, as well. The first Pwn2Own happened before Conficker or Stuxnet. It happened before the rise of nation-state…

Independent Krebs

January 23, 2017 admin

Who is Anna-Senpai, the Mirai Worm Author?

On September 22, 2016, this site was forced offline for nearly four days after it was hit with “Mirai,” a malware strain that enslaves poorly secured Internet of Things (IoT) devices like wireless routers and security cameras into a botnet for use in large cyberattacks. Roughly a week after that assault, the individual(s) who launched that attack — using the name “Anna Senpai” — released the source code for Mirai, spawning dozens of copycat attack armies online. After months of digging, KrebsOnSecurity is now confident to have uncovered Anna Senpai’s real-life identity, and the identity of at least one co-conspirator who helped to write and modify the malware.

Independent Krebs

January 23, 2017 admin

Adobe, Microsoft Push Critical Security Fixes

Adobe and Microsoft on Tuesday each released security updates for software installed on hundreds of millions of devices. Adobe issued an update for Flash Player and for Acrobat/Reader. Microsoft released just four updates to plug some 15 security holes in Windows and related software.

Independent Krebs

January 23, 2017 admin

Extortionists Wipe Thousands of Databases, Victims Who Pay Up Get Stiffed

Tens of thousands of personal and possibly proprietary databases that were left accessible to the public online have just been wiped from the Internet, replaced with ransom notes demanding payment for the return of the files. Adding insult to injury, it appears that virtually none of the victims who have paid the ransom have gotten their files back because multiple fraudsters are now wise to the extortion attempts and are competing to replace each other’s ransom notes.