Monthly Archives: September 2015
Shopify Refuses to Fix RFD Vulnerability
Portuguese Web security researcher David Sopas has uncovered an RFD (Reflected File Download) vulnerability on Shopify’s platform, which, according to his vulnerability disclosure, the company refused to patch. An RFD (Reflected File Download) attack relies on hackers crafting URLs which … Continue reading
Posted in Vulnerabilidad
Thousands of ‘directly hackable’ hospital devices exposed online
Hackers make 55,416 logins to MRIs, defibrillator honeypots. Thousands of critical medical systems – including Magnetic Resonance Imaging machines and nuclear medicine devices – that are vulnerable to attack have been found exposed online. Security researchers Scott Erven and Mark … Continue reading
Leaked Hacking Team emails show Saudi Arabia wanted to buy the company
Emails stolen in the Hacking Team breach and leaked online by the still unknown attackers continue to be analyzed, and offer insight into the inner workings and controversial relationships the infamous Italian spyware maker engaged in. Among the most recent … Continue reading
North America’s IPv4 address supply runs dry
The long-predicted exhaustion of IPv4 addresses has now taken place in North America, with the region’s authority left with no further supply of the 32-bit labels to issue. For the first time, the body responsible for allocating IP addresses in … Continue reading
Browser Vendors Implemented Cookies the Wrong Way, Exposed Users to MitM Attacks
CERT (Computer Emergency Response Team) revealed that all browser makers have misinterpreted and improperly implemented the RFC 6265 standard responsible for detailing how HTTP State Management should work. If we already bored you by going too technical all of a … Continue reading
Hacker exploited Imgur flaw to secretly load over 450 background images and attack 8chan
An attacker could have pulled off massive pwnage by abusing a bug on Imgur, which is often featured on Reddit’s “front page” of the Internet; instead the hacker targeted 8chan; 4chan and 8chan experienced some downtime. Imgur quickly issued a … Continue reading
Does China’s government hack US companies to steal secrets?
On Monday this week, a US national security adviser warned China that the hacking must stop and said it put an “enormous strain” on the relationship between the two nations. How has China responded to the accusations? It has denied … Continue reading
How to use HTTP evasion and malware at the firewall level?
HTTP version 0.9 was the first version of the HTTP protocol, defined in 1991 but already in use before then. It simply consists of a GET request on the client side that loosely resembles today's GET request, followed by a response … Continue reading
AT&T files lawsuit against former employees for installing malware, illegally unlocking phones
The former employees allegedly used malware to illegally unlock countless devices using AT&T’s network. AT&T has filed a lawsuit against former employees who installed malware on the firm’s networks as part of a business which unlocked the carrier’s devices illegally. … Continue reading
Google’s own researchers challenge key Android security talking point
Members of Google’s Project Zero vulnerability research team have challenged a key talking point surrounding the security of Google’s Android mobile operating system. To wit, a key exploit mitigation known as address space layout randomization does much less than the … Continue reading