phpBB forum spam bots can create usernames, bypass captcha and post their own topics

phpBB is free online forum software, and thousands love using it in different ways to exchange ideas, hold discussions or build a business. However, spammers are equally busy running automated bots which can create users, fill in the captcha and post their own spam topics. In recent research at mobilesecurityresearch, we […]

OWASP Top 10 – 2013 published

It's the comeback of the OWASP Top 10 – 2013. Nothing much has changed in the security threat landscape when it comes to applications. Below is the screenshot from the OWASP PDF and a link to the main PDF. The published OWASP Top 10 list for 2013: 1) Injection 2) Broken Authentication and Session Management 3) Cross-Site Scripting (XSS) 4) […]

Zeus Bot is back with a New Variant spreading worldwide

The notorious Zeus Trojan from is back on the market with a new set of variants. It was first spotted in 2007, a widespread, powerful trojan targeting bank accounts. Now a report from TrendMicro has shown the comeback of Zeus with a new variant. As per net-security: “In this particular instance, the malware […]

Apple iOS 7 Hacked – Lets Anyone Bypass iPhone Lockscreen To Access Pictures

Apple’s most advanced operating system has been hacked within 48 hours of release. It’s a shame on Apple that they don’t test for security. Often people are still in denial that Apple has no security issue. It’s all a myth and they need to do something about it. I understand it’s only beta but I […]

Hackers get together for HackMiami 2013 Conference in Miami

HackMiami held its first-ever hackers conference in Miami, Florida. HackMiami, started by a small group of passionate folks in 2008, has grown into a full-fledged hacking community in Florida with the intention of educating the information security community in staying ahead of the bad guys. The HackMiami 2013 conference had a variety […]

Dorkbot Malware Infects Facebook Users and Grabs Data

The Dorkbot worm, which first appeared in 2011 and has since been spreading via removable drives, IM programs and social networks, is currently targeting Facebook users. According to Bitdefender reports, over 9,000 malicious links pointing to the malware have been detected in 24 hours. The worm is delivered to potential victims via a chat message […]

Malware hijacks Facebook profiles using Browser extension – Microsoft

This threat, the subject of multiple reports, was first discovered in Brazil. Microsoft detects it as Trojan:JS/Febipos.A. The malware is a malicious browser extension specifically targeting Chrome and Mozilla Firefox, as reported by the Microsoft Malware Protection Center. As per Microsoft's report: When installed, it attempts to update itself using the following URLs: Chrome browser: du-pont.info/updates/<removed>/BL-chromebrasil.crx […]

Privilege escalation Linux – CVE-2013-2094

The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. The vulnerability was discovered using fuzzing in Linux kernels 2.6.37 to 3.8.9. The vulnerability requires the kernel to be compiled with PERF_EVENTS, but unfortunately that seems […]

Apple app store flaw demonstrated

It’s Apple’s turn to take a hit. Researcher Elie Bursztein demonstrated how the Apple app store communicated in plain text. After a decade, Apple finally turns HTTPS on for the App Store, fixing a lot of vulnerabilities. It was almost unbelievable that Apple left its doors open for years. As per ELIE.IM: “By abusing the lack of encryption (HTTPS) […]

Hackers target Microsoft Digital Crime Unit to spread Malware

A bogus alert from the Microsoft Digital Crime Unit carries malware. The Microsoft Digital Crime Unit helps fight online crime by partnering with other organisations; it is the division of Microsoft that was responsible for taking down a few botnets and investigating various online legal issues. As per Sophos, the spammed-out email looks like the screenshot below. The email with the old […]