content top

Three suspects arrested in china for spreading WireLurker malware

Three suspects arrested in china for spreading WireLurker malware

Now a days, any mention of malware and Macs in the same setting generally conjures up images of WireLurker. It was notable as a new family of malware specifically targeting iOS devices via USB and is able to penetrate the iPhone's strict software controls. WireLurker has been in action in China for the past six months, first infecting Macs by inserting Trojan software through repackaged OS X apps, then moving on to iOS devices. The firm...

Read More

Cape May-Lewes Ferry Confirms Credit Card Data Breach

Cape May-Lewes Ferry Confirms Credit Card Data Breach

The Cape May – Lewes Ferry has confirmed its payment data systems were infiltrated by hackers who took payment card data on certain systems at the Cape May-Lewes Ferry’s terminals and vessels. Delaware River and Bay Authority(DRBA) that operates the Cape May – Lewes Ferry learned of a possible data breach on July 30 - The same day Jimmy John's learned of the data breach.The organization with the help of third-party cyber forensic experts...

Read More

PHP has fixed several vulnerabilities allowing remote code execution

PHP has fixed several vulnerabilities allowing remote code execution

The PHP development team has released new versions in order to fix three security vulnerabilities -one of them is said to be a critical one and leads to remote code execution.The vulnerability identified as "CVE-2014-3669" can cause an integer overflow when parsing specially crafted serialized data with the unserialize ().The vulnerability is only a 32-bit system, but the danger is caused by the breach and that the serialized data often...

Read More

Critical SQL Injection vulnerability in Drupal 7.x

Critical SQL Injection vulnerability in Drupal 7.x

Security researchers from SektionEins have discovered a critical SQL Injection vulnerability in Drupal CMS that leaves a large number of websites that uses Drupal at risk. Drupal introduced a database abstraction API in version 7.  The purpose of this API is to prevent SQL Injection attacks by sanitizing SQL Queries.But, this API itself introduced a new and critical SQL Injection vulnerability.  The vulnerability enables...

Read More

Russian Hackers use Windows 0-Day exploit to hack NATO, Ukraine

Russian Hackers use Windows 0-Day exploit to hack NATO, Ukraine

Russian Hackers, dubbed the "sandworm team", have been found exploiting a previously unknown vulnerability in Microsoft's Windows Operating systems, reports iSight. The group has used this zero-day exploit to hack computers used by NATO, Ukraine Government, European Telecommunications firms, Energy sectors and US academic organization.The attack starts with a spear-phishing email containing a malicious power point document that exploits...

Read More
content top