Security by Passion !
Security researchers at Ben Gurion University have discovered a serious flaw on Android’s VPN implementation, exposes protected data. As per the researchers, the Android vulnerability allows a malicious app to bypass virtual private network (VPN) configurations( no root permission required) , and ultimately send unencrypted data to an attacker. “The secure data communications can be captured in […]
Not long ago we heard about Target breach and Neiman marcus . This time its about massive data breach from South Korea. Credit card details from almost half of all South Koreans have been stolen and sold to marketing firms. As per the reports, the data was stolen by a contractor working for Korea Credit Bureau. Korean banks […]
A new hack has been discovered and thirteen suspects have been indicted in New York on a Bluetooth enabled skimming skimming scheme that netted them more than $2 million throughout southeastern United States. The skimming devices were placed on gas station pumps at Raceway and Racetrac gas stations throughout Texas, Georgia, and South Carolina recorded […]
Its not a good time for Microsoft . SEA defaced Microsoft’s office blog as promised last week and Microsoft at its keens again. It appears that SEA has been trolling Microsoft by compromising much larger than people though. The compromised Microsoft twitter read : “Dear @Microsoft, Changing CMS will not help you if your […]
Can you imagine your home television becoming a zombie ? As scary as it sounds , the reality is in front of us. Most of the current day televisions, refrigerators, surveillance devices and temperature control devices( Internet of Things- IoT) are all part of a home network, which in turn connects to the internet. None […]
Security researcher Daniel E. Wood discovered that Starbucks IoS App stores username, email address and passwords in clear text(CVE-2014-0647) . Starbucks mobile payment apps are used widely by customers for its easiness to buy privileges. However this disclosure comes with a surprise because all the customer data gets stored in plain text and easily available for […]
A trojanised app version of “Minecraft – Pocket Edition” has been in the wild tricking infected users by sending SMS messages to premium rate services. As per F-Secure researchers, the purpose of the fraudster is to generate revenue sending text to various services for which users would have never purchased. Lately in the Google […]
As per the Prolexic reports,DDoS attacks have increased to 26.09% compared to Q4 2012, 17.42% increase in application layer attacks 28.97% increase in infrastructure layer ( Layer 3 & 4) attacks,28.975 decrease in average attack duration9 i,e 22.88 vs 32.21 hours) Increased mobile devices usage have increased the number of malacious apps on the internet, […]
The Solutionary Security Engineering Research Team (SERT) Threat Intelligence Report for Q4 2013 contains research focused on the distribution and analysis of malware. The report highlights that Unites States is the biggest hoster of malware in the world , Godaddy.com , Google and Amazon cloud leading the list of infections. Report highlights the following points : […]
A new type of DDoS ( Distributed Denial of Service) attack has taken down several servers last weekend. Popular games servers for Steam, Origin, Battle.net, and League of Legends were victim of the attack The new type of DDoS abuses the Network Time Protocol (NTP), which keeps computers’ clocks synced up to Coordinated Universal Time, […]