Android owners – you'll want to get these latest security patches, especially for this nasty Bluetooth hijack flaw

logicfish Security android owners youll want these latest security patches especially this nasty bluetooth hijack flaw All https://go.theregister.co.uk   Discuss    Share
'Pwned with a broadcast' bug among 25 to be patched by Google

Google has posted the February security updates for Android, including for a potentially serious remote code execution flaw in Bluetooth.…


Good: IT admins scrambled to patch 80 per cent of public-facing Citrix boxes to close nightmare hijack hole

logicfish Security good admins scrambled patch cent public-facing citrix boxes close nightmare hijack hole All https://go.theregister.co.uk   Discuss    Share
Bad: The other 20 per cent are still wide open. Also bad: Some of those patched machines may have been hacked

Roughly a fifth of the public-facing Citrix devices vulnerable to the CVE-2019-19781 remote-hijacking flaw, aka Shitrix, remain unpatched and open to remote attack.…


Anatomy of OpenBSD's OpenSMTPD hijack hole: How a malicious sender address can lead to remote pwnage

logicfish Security anatomy openbsds opensmtpd hijack hole malicious sender address lead remote pwnage All https://go.theregister.co.uk   Discuss    Share
Function accidentally returns OK instead of no-way

Code dive  The OpenBSD project's OpenSMTPD can be potentially hijacked by a maliciously crafted incoming email.…


Pirates Hijack Full Supertanker Off Nigeria, Kidnap 19 Crew Members

zerohedge News pirates hijack full supertanker nigeria kidnap crew members All https://www.zerohedge.com   Discuss    Share
Pirates Hijack Full Supertanker Off Nigeria, Kidnap 19 Crew Members

A gang of pirates have kidnapped 19 sailors after waylaying then boarding a supertanker loaded with oil, according to various media reports.

Hong Kong-flagged crude supertanker the Nave Constellation, owned by Navios Maritime Acquisition Corporation, was attacked during the evening hours of Dec. 3 while the ship was traveling through Nigerian waters. T

Read More
he attack occurred roughly 60-70 nautical miles south (reports vary) of Nigeria's Bonny Island Offshore Terminal, where the ship was stocked with cargo.

Seven crewmembers were left aboard the ship by the pirates.

According to sources, 18 of the kidnapped were Indian nationals, along with one Turk.

Security firm Dryad Global believes the attack is part of a growing trend, with six incidents and four kidnappings in the area of Tuesday night's incident.

The string of attacks suggests a well-armed and resourceful pirate action group, most likely operating from one or more "mothership"-type vessels, with other smaller, nimbler crafts at their disposal.

A representative for the tanker's owner said the top concern was for the kidnapped crew, according to the New Indian Express.

"Navios as Owners and Anglo-Eastern as Technical and Crew Managers' prime concern is the safety and early return of the 19 persons taken by the pirate gang. All the appropriate authorities, including the Flag State, have been alerted and are responding and all the necessary action is being taken to secure their wellbeing and early release."

As we noted recently, One Earth Future's annual State of Maritime Piracy report highlights incidents of hijacking, kidnapping, robberies and boarding attempts on the high seas. In recent years, they've recorded a steady drop in the number of incidents in East Africa and around Somalia in particular, which was a hotspot for pirate attacks for years.

You will find more infographics at Statista

This pullback has allowed West Africa to take over as the Continent's biggest piracy hotspot. Oil piracy is also big in the Gulf of Mexico, where the number of incidents is also on the rise.

Tyler Durden

Wed, 12/04/2019 - 13:02

This vBulletin vBug is vBad: Zero-day exploit lets miscreants hijack vulnerable web forums

logicfish Security this vbulletin vbug vbad zero-day exploit lets miscreants hijack vulnerable forums All http://go.theregister.com   Discuss    Share
Hackers can inject system commands via version 5 of software, no patch available

An anonymous bug hunter has publicly disclosed a zero-day flaw in the version 5 of the popular vBulletin forum software than can be exploited over the internet to hijack servers. No patch is known to be available.…


Dear Planet Earth: Patch Webmin now – zero-day exploit emerges for potential hijack hole in server control panel

logicfish Security dear planet earth patch webmin zero-day exploit emerges potential hijack hole server control panel All http://go.theregister.com   Discuss    Share
Flawed code traced to home build system, vulnerability can be attacked in certain configs

Updated  The maintainers of Webmin – an open-source application for system-administration tasks on Unix-flavored systems – have released Webmin version 1.930 and the related Usermin version 1.780 to patch a vulnerability that can be exploited to achieve remote code execution in certain configurations.…


Oh sh*t's, 11: VxWorks stars in today's security thriller – hijack bugs discovered in countless gadgets' network code

logicfish Security shts vxworks stars todays security thriller hijack bugs discovered countless gadgets network code All http://go.theregister.com   Discuss    Share
Equipment in hospitals, factories, offices, etc potentially vulnerable to attack

Wind River has patched 11 security vulnerabilities in VxWorks that can be potentially exploited over networks or the internet to commandeer all sorts of equipment dotted around the planet.…


Dodgy vids can hijack PCs via VLC security flaw, US, Germany warn. Software's makers not app-y with that claim

logicfish Security dodgy vids hijack security flaw germany warn softwares makers app-y with that claim All http://go.theregister.com   Discuss    Share
'Fake news!' dev team cries

VLC is said to be once again vulnerable to remote-code execution – meaning a malicious video opened by the software could potentially crash the media player, or joyride it to run malware on the host machine.…


It's that time again: Android kicks off June's patch parade with fixes for five hijack holes

logicfish Security that time again android kicks junes patch parade with fixes five hijack holes All http://go.theregister.com   Discuss    Share
Updates are on the way… if you have a Google device, at least

Google has released its June bundle of security vulnerability patches for Android, with fixes for 22 CVE-listed flaws included.…


Crime doesn't pay? Crime doesn't do secure coding, either: Akamai bug-hunters find hijack hole in bank phishing kit

logicfish Security crime doesnt secure coding either akamai bug-hunters find hijack hole bank phishing All http://go.theregister.com   Discuss    Share
Absolutely criminal behavior – unrestricted file upload, really?

Exclusive  Phishing kits – used by miscreants to build webpages that steal victims' personal information and money by masquerading as legit websites – harbor vulnerabilities that can be exploited by other miscreants to pilfer freshly stolen data.…


Goddamn the Pusher man: Nominet kicks out domain name hijack bid

logicfish Security goddamn pusher nominet kicks domain name hijack All http://go.theregister.com   Discuss    Share
Lord, he'll leave your mind to scream - if you don't renew on time

Nominet has thrown out an attempt at reverse domain name hijacking after some, er, pushy Brits tried seizing their old web address from a fast-fingered fellow in Romania.…

Sign up for our newsletter

Unsubscribe at Anytime | Privacy Policy
Welcome, DisDroidians

Sign up and post your links!

Please Donate
BTC 1DLRw128aWzUUk1rUsSgTACdRSjHuCVd34
Most Viewed Stories
Latest Comments
Disdroid.co.uk - ranking and value