There is a new kid of the virus block, and a pretty nasty kid it is too. Named Rombertik, it is generally picked up from attachments on phishing emails (usually appearing to be a .PDF file in the case of this virus).
Maybe one of those emails you received claiming you have won a prize, claiming to be a message from Microsoft, or asking you to validate your bank details. Read the rest of this entry »
Cloud-based services, aka services that store your information on a server as opposed to your own hard drive, have been embraced by individuals and business users alike.
Everything from banking apps, email and even social media accounts are now all accessible via the Cloud on multiple devices with nothing more than an internet connection, which means we’re able to enjoy a greater range of services than ever before.
However, cloud accounts require passwords to restrict user access, and with so many accounts to keep track of, it’s tempting to use the same run-of-the-mill passwords for multiple services. It might be a very convenient way of doing things (after all, you need to be able to remember your logins), but by sticking to what you know, you’re increasing your vulnerability online and compromising the security of your cloud data. Read the rest of this entry »
Four new vulnerabilities in the Cisco products
Four Cisco security products are vulnerable to the DDoS and XSS attacks. Four new vulnerabilities have been found in the Cisco products.
- Nexus 9000 Series Switches (CVE-2015-0686 DDoS vulnerability)
- Catalyst 4500 Series (CVE-2015-0687 DDoS vulnerability)
- Aggregation Services Routers (CVE-2015-0688 DDoS vulnerability)
- Wireless LAN Controller (CVE-2015-0690 XSS vulnerability)
Read the rest of this entry »
Presented new BlackArch Linux ISOs & installer, specialized distribution for security researchers and penetration testers.
Distribution built on Arch Linux packet-based and includes over 1200 security-related utilities. Supported Projects package repository is compatible with Arch Linux, and can be used in conventional plants Arch Linux.
Distribution supports assemblies for architectures: i686, x86_64, armv6h and armv7h. New BlackArch Live ISO size: 3.6 GB. As graphic environments have a choice of window managers: dwm, fluxbox, openbox, awesome, wmii, i3 and spectrwm. Read the rest of this entry »
CCTV surveillance has turned out to be a necessity for every business that wants to carry out their business operations in a safe and secured environment.
You will be glad to know that beefing up the security in your office not only helps you to prevent thefts and hooliganism but it also provides a sense of security to your employees. Read the rest of this entry »
CVE-2015-0240: A critical remote vulnerability in Samba
Employees MSVR (Microsoft Vulnerability Research) discovered a critical vulnerability the Samba daemon (smbd).
In unplanned releases of Samba 4.1.17, 4.0.25 and 3.6.25 fixed a critical vulnerability (CVE-2015-0240), which can be used to initiate the execution of code on the server side.
Danger problem compounded by the fact that the vulnerability can be exploited without an authentication – to carry out the attack enough send a few specially designed anonymous netlogon-packets on the network port SMB / CIFS of the server. Since by default, smbd daemon runs under root privileges, in the case of a successful attack the attacker can gain root-access to the server. Read the rest of this entry »
Posted: January 30, 2015 in Articles
Tags: CrytoLocker, eScan, ransomware
Cryptolocker – a program that belongs to the category of so-called “ransomware”.
Cryptolocker encrypts files on the hard disk drive of a computer running Microsoft Windows and requires the payment of redemption, before you download the server private key to decrypt the files. You need to pay a ransom for 72-96 hours. If during this time the money is not transferred to the designated account, key to decrypt the file is deleted and it is impossible to restore files. Read the rest of this entry »
Three new vulnerabilities have been found in the Linux Kernel CVE-2014-3673, CVE-2014-3687, and CVE-2014-3688. These vulnerabilities allows a remote user to cause a denial of service (Kernel panic).
Denial of service in the Linux Kernel
Danger level: Middle
The presence of fixes: Yes
The number of vulnerabilities: 3 Read the rest of this entry »
Multiple vulnerabilities have been found in the FreeBSD kernel code.
FreeBSD Kernel Multiple Vulnerabilities
Danger level: middle
The presence of fixes: Yes
The number of vulnerabilities: 3
CVSSv2 rating: (AV: L / AC: L / Au: N / C: N / I: N / A: C / E: U / RL: OF / RC: C) = Base: 4.9 / Temporal: 3.6
(AV: L / AC: L / Au: N / C: C / I: C / A: C / E: U / RL: OF / RC: C) = Base: 7.2 / Temporal: 5.3
(AV: L / AC: L / Au: N / C: P / I: N / A: N / E: U / RL: OF / RC: C) = Base: 2.1 / Temporal: 1.6
CVE ID: CVE-2014-0998; CVE-2014-8612; CVE-2014-8613 Read the rest of this entry »
Never before has a movie achieved more international attention, and it never even hit the screen.
White House spokesman Josh Earnest called the cyber attack at Sony, or the “Sony hack,” as it been named, a destructive attack exposing serious security measures. To Hollywood and the rest of the country, it was a total surprise in many ways. U.S. Officials disclaimed that when foreign governments present attacks like this cyber attack, they are looking to provoke a response from the U.S. Read the rest of this entry »