Recent Posts

Pages: [1] 2 3 ... 10
VoodooShield / Re: VoodooShield v4 STABLE Thread
« Last post by gorblimey on Today at 11:07:39 am »

Just a couple of quick notes against an otherwise good roundup...

If a product doesn’t have a firewall, it’s worth using, for example, the GlassWire firewall.

Glasswire isn't a firewall, it's a very graphical and pretty frontend, doing much the same job as Windows Firewall Control <>.  Both need Windows Firewall up and running...  And both block out-bound by default, the complete reverse of Windows' convenience setting.

They guarantee very high effectiveness against malicious content ... (even on seemingly “secure” websites marked with a green padlock)

The "green padlock" only indicates the site you're surfing is the site you think it is.  Anybody can get a secure site, even a malcoder.  And a green padlock does not, for example, prevent hijacked ads which don't originate from the same server.
By Sergiu Gatlan

The Oregon Department of Human Services (DHS) announced that roughly 2 million emails with Protected Health Information (PHI) from more than 350,000 customers have been potentially exposed after 9 employee mailboxes were compromised in a spear phishing attack.

According to the Oregon DHS, its Enterprise Security Office Cyber Security team was the one which determined that the email boxes were breached on January 28, 2019.

DHS also said that the attackers were stopped from further accessing the hacked mailboxes by resetting the passwords and that an investigation was started to review all the information that might have been exposed, as well as to pinpoint the exact "number of impacted records that might contain personal information of clients receiving services from DHS."

full article here:
By Sergiu Gatlan

During the second day of Pwn2Own Vancouver 2019, competitors successfully pwned the Mozilla Firefox and Microsoft Edge web browsers, as well as VMware's Workstation client, earning a total of $270,000 in cash awards.

As part of the first event, the Fluoroacetate team targeted and successfully exploited Mozilla's Firefox web browser with a kernel escalation using a JIT bug and an out-of-bounds write in the Windows kernel.

The same team also tried their hand against Microsoft's Edge web browser with a VMware escape and a kernel escalation, using an exploit chain combining "a type confusion in Edge, a race condition in the windows kernel, and an out-of-bounds write in VMware Workstation.

full article here:
Author: Help Net Security

As our society evolves, so does our reliance on telecommunications technology. Cybercriminals prey on our daily use of electronic devices and continuously seek out new ways to exploit vulnerabilities and access information.

Cooperation and information-sharing between law enforcement and the private sector has therefore become essential in the fight against these types of crime.

One example of this collaboration is the joint Cyber-Telecom Crime Report 2019, published by Europol and Trend Micro. The report gives an overview of how telecom fraud works and serves as a technical guide for stakeholders in the telecoms industry.

full article here:
Security & Technology News / Spycams Secretly Live-Streamed 1,600 Motel Guests
« Last post by Antus67 on March 24, 2019, 01:06:12 am »

Author: Tara Seals
March 22, 2019 5:11 pm

Four people have been arrested for taking secret videos of guests at motels and live-streaming them to paying audiences.

According to Seoul police, the perps filmed about 1,600 motel guests in the past year in various states of undress and having sex. They did so with tiny wireless spy cameras set up in 42 motel rooms at 30 motels across South Korea, in 10 cities. The devices were hidden inside TVs, hair dryer holsters and electrical outlets.

full article here:
Security & Technology News / Two Found Guilty in Online Dating, BEC Scheme
« Last post by Antus67 on March 24, 2019, 12:57:08 am »
Author: Dark Reading Staff

Cybercriminals involved in the operation created fake online dating profiles and tricked victims into sending money to phony bank accounts.

Two men have been found guilty for their roles in a fraud operation in which cybercriminals spoofed emails, built fake online dating profiles, and fooled victims into sending them money.

Nigerian citizen Olufolajimi Abegunde and Mexican citizen Javier Luis Ramos-Alonso were both part of a cybercriminal organization that manipulated people into sending money to bogus bank accounts under the group's control, the Department of Justice reports. Funds were laundered and wired out of the United States to various locations, West Africa among them.

full article here:
By Lawrence Abrams

The Office for the Inspector General for the DHS issued a report today that detailed how FEMA did not appropriately safeguard the personal information of 2.3 million survivors of hurricanes Harvey, Irma, and Maria and the California wildfires in 2017.

During national disasters, the Federal Emergency Management Agency’s (FEMA) offers a program called Transitional Sheltering Assistance (TSA) that provides shelter to disaster survivors.

In an advisory titled "Management Alert – FEMA Did Not Safeguard Disaster Survivors’ Sensitive Personally Identifiable Information", it is disclosed that FEMA did not appropriately safeguard personal information of survivors, including bank account information, and provided it to a contractor managing the program.

full article here:
Security & Technology News / Firefox and Edge Fall to Hackers on Day Two of Pwn2Own
« Last post by Antus67 on March 23, 2019, 01:47:04 am »

Author: Tom Spring
March 22, 2019 4:28 pm

Browsers Firefox and Edge take a beating on day two of the Pwn2Own competition.

Hackers took down the Mozilla Firefox and Microsoft Edge browsers on Thursday at Pawn2Own, the annual hacking conference held in tandem with CanSecWest, as the competition continued for a second day.

The dynamic hacking duo of Amat Cama and Richard Zhu, which make up team Fluoroacetate, had another good day, following Wednesday’s successes. The two trained their skills first on Mozilla Firefox, leveraging a JIT bug in the browser, followed up by an out-of-bounds write exploit in the Windows kernel. The one-two punch allowed Fluoroacetate to take over the targeted system.

full article here:
Pages: [1] 2 3 ... 10