The Remote Code Execution vulnerability Apache Structs 2.x which was discovered July 17th appears to be seen more often as reported by sans last week. A bulletin detailing exploit attempts targeting this vulnerability has been seen lately by sans. The CVE identified for this issue is CVE-2013-2251. It’s a high critical remote code execution which […]
DHL fake phishing email has been around for a while. A new set of emails has been going around since last week. Arun from Mobilesecurityrearch received a email from DHL which almost […] Hacker could use the known vulnerability to pose as a known Wi-Fi access point, thereby causing WindowsPhone 7.8 or Windows Phone 8 devices to automatically attempt to authenticate with it. During this process it will be handing over encrypted domain credentials (password) to the attackers. Microsoft has issued an advisory warning concerning a Windows Phone […] The new attack plucks secrets from HTTPS-protected pages was demonstrated on Blackhat last Thursday. The well known “HTTPS” which protects millions of sites across the world is prone to attack. The exploit called BREACH bypasses the SSL crypto scheme protecting millions of sites. It decodes encrypted data that online banks and e-commerce sites send in […] Not long ago one of my friend was skeptical of using any airport “quick phone chargers”. It was a scary concept but as technology is turning towards mobile it comes with no surprise that attackers are targeting power points.The bogus chargers which charges the phone also has transformers. The Iphone treats this as a computer […] Its yet another day for twitter lost the battle for spammers. Mobile Security research saw a increased number of spam emails sent from twitter accounts to anyone from their contact list. When one of researcher found spam email in his personal box, he was surprised. Even I received a spam email from one our researchers. […] McAfee identified a unusual behavior of a Android app that was set to go on for July 4th. The app. As per Netsec , “The app in question is Jay Z Magna Carta, which has ben recently made available on Google Play, and allows users of certain Samsung devices to listen to the rapper’s new […] Yahoo was one of the hottest business couple of years back. They had a great frontend, paid services for extra storage and tons of small business tools. As business grows they lost focus on their core business. Overt the time, spam increased exponentially, yahoo messenger was screaming of spam links all the time, spammers used […] An alarming news broke from Facebook security last Friday on 21st at 7.50pm EST. Its not the hack that exposed this information but it was because of a bug. Its scary that facebook doesn’t even test their code when going to production. This clearly shows the ignorance of facebook and their security team putting users […] Shadowserver is a non-profit organization like abuse.ch, informs the associated network owners about the infections reported by my sinkhole, in addition to infections reported by their own sinkholes and sinkholes run by other operators. Every Computer Emergency Response Team (CERT), Internet Service Provider (ISP) and network owner can get a feed from Shadowserver for their […]