RSS Reader for Computer Security Articles
Credit to Author: BrianKrebs| Date: Fri, 06 Jul 2018 15:53:19 +0000
Energy giant ExxonMobil recently sent snail mail letters to its Plenti rewards card members stating that the points program was being replaced with a new one called Exxon Mobil Rewards+. Unfortunately, the letter includes a confusing toll free number and directs customers to a parked page that tries to foist Web browser extensions on visitors.
Read More
In this episode, host Steve Ragan talks with Phil Grimes, Professional Services Lead at RedLegg, about the challenges of educating customers — and building a partnership with them — to create successful red team engagements.
Credit to Author: SSD / Ori Nimron| Date: Mon, 02 Jul 2018 12:19:53 +0000
Vulnerabilities Summary Authenticated users can exploit a file inclusion vulnerability in phpMyAdmin which can then be combined with another vulnerability, to perform Remote Code Execution. In addition, authnticated attackers can view files and execute PHP files that located on the server by exploiting a bug in the part of the code that is responsible for … Continue reading SSD Advisory – phpMyAdmin File Inclusion and Remote Code Execution
Read More
Credit to Author: SSD / Noam Rathaus| Date: Mon, 02 Jul 2018 10:55:25 +0000
In our upcoming Hack2Win eXtreme event in Hong Kong we will be asking contest participants to come and try their skills breaking into devices and software, showing their abilities in finding vulnerabilities in iOS and Android, as well as in Chrome and Firefox. In preparation for the event, we are launching a “warm up” event … Continue reading Hack2Win eXtreme Warm Up
Read More
Credit to Author: Woody Leonhard| Date: Mon, 02 Jul 2018 07:05:00 -0700
Windows 7 customers should be on the lookout for a couple of, uh, challenges this month, as the Win10 1803 trail of tears continues and Win10 1709 finally looks pretty solid.
First, the good news. If you installed last month’s Win7/Server 2008R2 patches and your network connections didn’t go kablooey, you’re almost undoubtedly OK to proceed with this month’s patches.
On the other hand, if you’ve been waiting to install patches on your Win7 or Server 2008R2 machine, you need to be aware of a bug that Microsoft has acknowledged. It was introduced by a patch back in March, according to the KB articles, and hasn’t been fixed yet:
Credit to Author: BrianKrebs| Date: Thu, 28 Jun 2018 17:50:26 +0000
Many people, particularly older folks, proudly declare they avoid using the Web to manage various accounts tied to their personal and financial data — from utilities and mobile phones to retirement benefits and online banking services. The reasoning behind this strategy is as simple as it is alluring: What’s not put online can’t be hacked. But increasingly, adherents to this mantra are finding out the hard way that if you don’t plant your flag online, fraudsters and identity thieves may do it for you.
Read More
Credit to Author: JR Raphael| Date: Thu, 28 Jun 2018 08:56:00 -0700
Hey, look: A new BlackBerry phone is here! And no, you didn’t just wake up from a 12-year coma. I promise you, it is still 2018.
The new BlackBerry Key2, however, is aimed squarely at those who miss the glory days of the physical-keyboard-packin’ phone — specifically, business users who still place some sort of value on the BlackBerry name (even if it’s technically a different organization making the devices now). The company’s own landing page for the device placards that focus plainly:
Credit to Author: Woody Leonhard| Date: Wed, 27 Jun 2018 13:23:00 -0700
Microsoft’s patches in June took on some unexpected twists.
Windows 7 owners with older, 2002-era Pentium III machines got their patching privileges revoked without warning or explanation (and a documentation cover-up to boot), but there’s little sympathy in the blogosphere for elderly PCs.
Win10 1803 was declared fully fit for business, a pronouncement that was followed weeks later by fixes for a few glaring, acknowledged bugs — and stony silence for other known problems.