250
Apple is making it easier for mobile developers to port their iOS apps to the next-generation macOS Mojave desktop platform—a major step in bringing the two platforms closer together.

However, at the same time, the company straightforward denied the idea of merging the iPhone and Mac operating systems into one platform, which was being speculated for years. So, Apple made it clear that iOS


176

US Government Probes Airline Vulnerabilities, Says Airline Hack Is Only A Matter Of Time

logicfish Security headline government usa flaw terror All https://packetstormsecurity.com   Discuss    Share
177

The foundational technology upon which most cryptographic algorithms built will be of no use in a decade according to many



Modern Encryption Will Become Deprecated Due to Quantum Research on Latest Hacking News.

253
It turns out that the threat of the massive VPNFilter botnet malware that was discovered late last month is beyond what we initially thought.

Security researchers from Cisco's Talos cyber intelligence have today uncovered more details about VPNFilter malware, an advanced piece of IoT botnet malware that infected more than 500,000 routers in at least 54 countries, allowing attackers to spy on


166

Cisco Talos Provides Important Update About VPNFilter

logicfish Security headline government privacy malware russia cyberwar password cisco All https://packetstormsecurity.com   Discuss    Share
176

Data breaches and hacking attempts seem to have become commonplace. We now have news of yet another data breach that



PageUp Confirms Data Breach After ‘Unauthorized Activity’ on Latest Hacking News.

253
You must update your Google Chrome now.

Security researcher Michał Bentkowski discovered and reported a high severity vulnerability in Google Chrome in late May, affecting the web browsing software for all major operating systems including Windows, Mac, and Linux.

Without revealing any technical detail about the vulnerability, the Chrome security team described the issue as incorrect


1

A critical vulnerability has been disclosed by security researchers impacting many open source coding libraries. The researchers discovered the vulnerability



“Zip Slip” – A Critical Vulnerability Exploited in Zip on Latest Hacking News.

171

Apple Jams Facebook's Web-Tracking Tools

logicfish Security headline privacy apple facebook All https://packetstormsecurity.com   Discuss    Share
254
MyHeritage, the Israel-based DNA testing service designed to investigate family history, has disclosed that the company website was breached last year by unknown attackers, who stole login credentials of its more than 92 million customers.

The company learned about the breach on June 4, 2018, after an unnamed security researcher discovered a database file named "myheritage" on a private


250
Despite the continual emergence of new cyber attacks because of misconfigured servers and applications, people continue to ignore security warnings.

A massive malware campaign designed to target open Redis servers, about which researchers warned almost two months ago, has now grown and already hijacked at least 75% of the total servers running publicly accessible Redis instances.

Redis, or


253
A 23-year-old Canadian man, who pleaded guilty last year for his role in helping Russian government spies hack into email accounts of Yahoo users and other services, has been sentenced to five years in prison.

Karim Baratov (a.k.a Karim Taloverov, a.k.a Karim Akehmet Tokbergenov), a Kazakhstan-born Canadian citizen, was also ordered on Tuesday by United States Judge Vince Chhabria to pay a


250
Russia's communications regulator Roskomnadzor has threatened Apple to face the consequences if the company does not remove secure messaging app Telegram from its App Store.

Back in April, the Russian government banned Telegram in the country for the company's refusal to hand over private encryption keys to Russian state security services to access messages sent using the secure service.


255
Good news for you is that this week's THN Deals brings Ethical Hacking A to Z Bundle that let you get started regardless of your experience level.

The Ethical Hacking A to Z Bundle will walk you through the very basic skills you need to start your journey towards becoming a professional ethical hacker.

The 45 hours of course that includes total 384 in-depth lectures, usually cost $1,273, but


252
Researchers have demonstrated how sonic and ultrasonic signals (inaudible to human) can be used to cause physical damage to hard drives just by playing ultrasonic sounds through a target computer's own built-in speaker or by exploiting a speaker near the targeted device.

Similar research was conducted last year by a group of researchers from Princeton and Purdue University, who demonstrated a


253
The US-CERT has released a joint technical alert from the DHS and the FBI, warning about two newly identified malware being used by the prolific North Korean APT hacking group known as Hidden Cobra.

Hidden Cobra, often known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and known to launch attacks against media organizations, aerospace,


253
Security researchers have discovered a series of new vulnerabilities in EOS blockchain platform, one of which could allow remote hackers to take complete control over the node servers running the critical blockchain-based applications.

EOS is an open source smart contract platform, known as 'Blockchain 3.0,' that allows developers to build decentralized applications over blockchain


253
German security researchers claim to have found a new practical attack against virtual machines (VMs) protected using AMD's Secure Encrypted Virtualization (SEV) technology that could allow attackers to recover plaintext memory data from guest VMs.

AMD's Secure Encrypted Virtualization (SEV) technology, which comes with EPYC line of processors, is a hardware feature that encrypts the memory


251
Shortly after Cisco's released its early report on a large-scale hacking campaign that infected over half a million routers and network storage devices worldwide, the United States government announced the takedown of a key internet domain used for the attack.

Yesterday we reported about a piece of highly sophisticated IoT botnet malware that infected over 500,000 devices in 54 countries and


253
Apple is making it easier for its users to download their data the company has collected about them so far.

On Wednesday, Apple just launched a new Data and Privacy website that allows you to download everything that the company knows about you, from Apple ID info, device info, App Store activity, AppleCare history, your online shopping habits to all of your data stored in its iCloud.

A


252
Researchers have found that even after having an advanced encryption scheme in place, more than 100 million Internet-of-Things (IoT) devices from thousands of vendors are vulnerable to a downgrade attack that could allow attackers to gain unauthorized access to your devices.

The issue resides in the implementation of Z-Wave protocol—a wireless, radio frequency (RF) based communications


250
PornHub wants you to keep your porn viewing activities private, and it is ready to help you out with its all-new VPN service.

Yes, you heard that right.

Adult entertainment giant PornHub has launched its very own VPN service today with "free and unlimited bandwidth" to help you keep prying eyes away from your browsing activity.
<!-- adsense -->
Dubbed VPNhub, the VPN service by PornHub is


251
More than half a million routers and storage devices in dozens of countries have been infected with a piece of highly sophisticated IoT botnet malware, likely designed by Russia-baked state-sponsored group.

Cisco's Talos cyber intelligence unit have discovered an advanced piece of IoT botnet malware, dubbed VPNFilter, that has been designed with versatile capabilities to gather intelligence,


251
Security researchers from Microsoft and Google have discovered a fourth variant of the data-leaking Meltdown-Spectre security flaws impacting modern CPUs in millions of computers, including those marketed by Apple.

Variant 4 comes weeks after German computer magazine Heise reported about a set of eight Spectre-class vulnerabilities in Intel CPUs and a small number of ARM processors, which may



Read More
rame>
255
Widespread routers' DNS hijacking malware that recently found targeting Android devices has now been upgraded its capabilities to target iOS devices as well as desktop users.

Dubbed Roaming Mantis, the malware was initially found hijacking Internet routers last month to distribute Android banking malware designed to steal users' login credentials and the secret code for two-factor


255
A critical remote code execution vulnerability has been discovered in the popular Electron web application framework that could allow attackers to execute malicious code on victims' computers.

Electron is an open source app development framework that powers thousands of widely-used desktop applications including WhatsApp, Skype, Signal, Wordpress, Slack, GitHub Desktop, Atom, Visual Studio


255
With a heavy heart, security researchers have early released the details of a set of vulnerabilities discovered in email clients for two widely used email encryption standards—PGP and S/MIME—after someone leaked their paper on the Internet, which was actually scheduled for tomorrow.

PGP and S/MIME are popular end-to-end encryption standards used to encrypt emails in a way that no one, not


255
Adobe has just released new versions of its Acrobat DC, Reader and Photoshop CC for Windows and macOS users that patch 48 vulnerabilities in its software.

A total of 47 vulnerabilities affect Adobe Acrobat and Reader applications, and one critical remote code execution flaw has been patched in Adobe Photoshop CC.

Out of 47, Adobe Acrobat and Reader affect with 24 critical vulnerabilities—


254
Last week, we reported about the first network-based remote Rowhammer attack, dubbed Throwhammer, which involves the exploitation a known vulnerability in DRAM through network cards using remote direct memory access (RDMA) channels.

However, a separate team of security researchers has now demonstrated a second network-based remote Rowhammer technique that can be used to attack systems using


250
For the second time in less than a week, users of the popular end-to-end encrypted Signal messaging app have to update their desktop applications once again to patch another severe code injection vulnerability.

Discovered Monday by the same team of security researchers, the newly discovered vulnerability poses the same threat as the previous one, allowing remote attackers to inject malicious


254
A Google security researcher has discovered a critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux and its derivatives like Fedora operating system.

The vulnerability, tracked as CVE-2018-1111, could allow attackers to execute arbitrary commands with root privileges on targeted systems.

Whenever your system joins a network, it’s the DHCP client


252
After the revelation of the eFail attack details, it's time to reveal how the recently reported code injection vulnerability in the popular end-to-end encrypted Signal messaging app works.

As we reported last weekend, Signal has patched its messaging app for Windows and Linux that suffered a code injection vulnerability discovered and reported by a team of white-hat hackers from Argentina.
<!


What is Plikli?

Plikli is an open source content management system that lets you easily create your own user-powered website.

BMC logoBuy me a coffee
Latest Comments
Statistics