Archives for 

Application Security

EC-Council, Security Certification Group website hacked and defaced

“Although EC-Council has been respected by corporations and governments, many in the in the security community don’t agree the way they certify and considered it as useless certification ”  Analysts predict that Passports of more than 60,000 US military and government IT professionals at risk Hacker went by the name of Eugene Belford, claims to […]
Share Button
Continue reading →

Youtube serving Malwar- Caphaw Banking Trojan

Monetizing by  serving ads has been the business model lately by most know sites like facebook, twitter, google, msn.com and various other websites. However there is a dark ecosystem in which these ads are either hijacked or compromise user accounts to server malware.  A similar issue was seen by  Bromium Labs  and has been reported […]
Share Button
Continue reading →

Syrian Electronic Army hacks Forbes, steals user information

This time Syrian Electronic Army has targeted Forbes for the big hack day. SEA published the hack on Friday, showing several screenshots of the WordPress admin panel backend of the Forbes.com website.                       SEA  said in a tweet that more than one million user e-mails and passwords […]
Share Button
Continue reading →

More than 2000 TESCO customers account hacked and posted online

              TESCO has been targeted by hackers this time and account information of more than 2000 customers have been posted online on pastebin. Tesco.com internet shopping accounts, personal details and Tesco club card details  were  posted last Thursday online by the hackers. As a result ,  Tesco was forced […]
Share Button
Continue reading →

More than 7,000 FTP sites compromised and infected with malware

Researchers from Hold Security have discovered more than 7,000 FTP sites have been compromised by  to infect malware or to attempt to compromise connected web services. “Hackers planted PHP scripts armed with backdoors (shells) and viruses in multiple directories hoping that these directories map to Web servers of the victim companies to gain control of the […]
Share Button
Continue reading →

OSX/CoinThief a New Apple Mac Bitcoin stealing Trojan Discovered -SecureMac

CoinThief, a Bitcoin-stealing Trojan targeting Mac users, was discovered offering on several download websites such as CNET’s Download.com and MacUpdate.com. It was also available masquerading as pre compiled binaries in multiple GitHub projects. The malware variant installs a browser extensions for Safari and Google Chrome to monitor all web browsing traffic, specifically looking for login […]
Share Button
Continue reading →

US Veterans of Foreign Wars website compromised by IE Zero day Exploit (CVE-2014-0322)

Recently  a zero day vulnerability in Internet Explorer was discovered(CVE-2014-0322)). Researchers from Fireeye has identified that hackers are using this vulnerability in targeting US military personals. Furthermore they also suspect that this may be a very strategic campaign (Operation Snowman) during the President’s day weekend. FireEye researchers observed  drive-by-download attack which  alters HTML code of the […]
Share Button
Continue reading →

Careto/Mask APT cyber-espionage operations running and undetected for 7 long years

Its almost sounded unbelievable when Kaspersky research published a cyber espionage APT campaign MASK (Careto) that’s been running in the wild since 2007, undetected, targeting 31 countries.   The complexity of the tools used for MAST by the attackers are very sophisticated which makes its very special. This includes an extremely sophisticated piece of malware, a […]
Share Button
Continue reading →

Snapchat app is vulnerable to DDoS attack, can crash your iPhone,reacts to it very stubborn.

Jamie Sanchez, a security researcher discovered a vulnerability within Snapchat mobile app which can crash your iphone by Denial of Service attack. The vulnerability can enable a hacker to launch DoS attacks which can potentially crash a users phone or requires that the user perform a hard reset. He further says with a video that […]
Share Button
Continue reading →

Adobe released Emergency Flash Player update for critical zero day threat – CVE-2014-0497

Adobe released an emergency patch for a critical vulnerability affecting Flash Player for Windows, Linux and OS X, the exploitation of which can result in an attacker gaining remote control of the compromised systems. The security flaw exists in Adobe Flash Player 12.0.0.43 and earlier versions  Adobe thanks Alexander Polyakov and Anton Ivanov of Kaspersky Labs […]
Share Button
Continue reading →