web analytics

Cisco IOS Flaws Expose Rockwell Industrial Switches to Remote Attacks

By Eduard Kovacs on August 25, 2017   Rockwell Automation has informed customers that some of its Allen-Bradley Stratix and ArmorStratix industrial ethernet switches are exposed to remote attacks due to vulnerabilities in Cisco’s IOS software.   The Allen-Bradley Stratix and ArmorStratix switches, which ICS-CERT says are used worldwide in the critical manufacturing, energy and… Continue reading Cisco IOS Flaws Expose Rockwell Industrial Switches to Remote Attacks

Hash of the Titan: How Google bakes security all the way into silicon

Locking down servers and cloud with this itty-bitty chip By John Leyden 25 Aug 2017     Google has unveiled more details about how security built into its custom silicon chips underpins the integrity of its servers and cloud-based services.   A blog post details how Google’s custom Titan chip provides a hardware-verified boot and… Continue reading Hash of the Titan: How Google bakes security all the way into silicon

Mozilla Firefox 55.0.3 Final

Mozilla Firefox 55.0.3 Finalhttps://www.mozilla.org/en-US/firefox/55.0.3/releasenotes/ Download Page | All Languages and OShttps://www.mozilla.org/en-US/firefox/all/http://download-installer.cdn.mozilla.net/pub/firefox/releases/55.0.3/   En-US x86https://download.mozilla.org/?product=firefox-55.0.3-SSL&os=win&lang=en-USx64https://download.mozilla.org/?product=firefox-55.0.3-SSL&os=win64&lang=en-US Take a look at the best antivirus, anti-malware, anti-spy, etc. software Powered by WPeMatico

Cyber News Rundown: Edition 8/25/17

    UK NHS Database Exposes Over 1 Million Patient Records   During the past week, a breach was discovered in patient booking system SwiftQueue, which is widely used by several National Health Service (NHS) facilities. The database may have contained patient information for up to 1.2 million UK citizens, though the actual data has yet to… Continue reading Cyber News Rundown: Edition 8/25/17

PoS Flaws Allow Hackers to Steal Card Data, Change Prices

By Eduard Kovacs on August 25, 2017   Point-of-sale (PoS) systems developed by SAP and other vendors have serious vulnerabilities that can be exploited by hackers to steal payment card data from the targeted organization’s network and change the price of items they want to purchase.   Researchers at ERPScan discovered that SAP’s POS product,… Continue reading PoS Flaws Allow Hackers to Steal Card Data, Change Prices

Researcher Releases Fully Working Exploit Code for iOS Kernel Vulnerability

August 24th, 2017   By Catalin Cimpanu     Adam Donenfeld, a researcher with mobile security firm Zimperium, has published today proof-of-concept code for zIVA — a kernel exploit that affects iOS 10.3.1 and previous versions. The zIVA exploit code allows an attacker to gain arbitrary RW (Read Write) and root access.   Apple patched flaws… Continue reading Researcher Releases Fully Working Exploit Code for iOS Kernel Vulnerability

DreamHost smashed in DDoS attack: Who’s to blame? Take a guess…

See Also – Government Demands 1.3 Million IP Addresses of Anti-Trump Website Visitors   Is it the alt-right or anti-fascists? Most likely the latter   By Iain Thomson in San Francisco 24 Aug 2017     Web hosting biz DreamHost has been largely crippled today by a distributed denial of service attack, bringing down most… Continue reading DreamHost smashed in DDoS attack: Who’s to blame? Take a guess…

A blast from the past: Mobile trojans abusing WAP-billing services

Fraudsters now piggybacking on 2.5G mobile tech By John Leyden 24 Aug 2017   mikeledray/Shutterstock   Crooks slinging mobile trojans have reverted to old techniques by stealing users’ money through WAP-billing services.   The “unusual” rise in mobile trojan clickers that steal money from Android users through Wireless Application Protocol (WAP) billing has been tracked… Continue reading A blast from the past: Mobile trojans abusing WAP-billing services

Google Chrome 60.0.3112.113 Stable

Google Chrome 60.0.3112.113 Stable https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-desktop_24.html   x86http://redirector.gvt1.com/edgedl/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://redirector.gvt1.com/edgedl/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exehttp://dl.google.com/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://dl.google.com/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exehttp://www.google.com/dl/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://www.google.com/dl/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exe x64http://redirector.gvt1.com/edgedl/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://redirector.gvt1.com/edgedl/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exehttp://dl.google.com/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://dl.google.com/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exehttp://www.google.com/dl/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://www.google.com/dl/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exe   Google Chrome Enterprise  x86https://enterprise.google.com/chrome/chrome-browser/thankyou.html?platform=win32msi x64https://enterprise.google.com/chrome/chrome-browser/thankyou.html?platform=win64msi MAC https://enterprise.google.com/chrome/chrome-browser/thankyou.html?platform=mac Linux https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.debhttps://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm Take a look at the best antivirus, anti-malware, anti-spy, etc. software Powered by WPeMatico

Deprecated, Insecure Apple Authorization API Can Be Abused to Run Code at Root

August 24th, 2017  by Michael Mimoso     A deprecated Apple authorization API, invoked by third-party installers, is still developers’ preferred choice for updating apps and services on macOS. And that’s a problem because of a massive security issue that could be abused by a local attacker to elevate privileges to root with a little… Continue reading Deprecated, Insecure Apple Authorization API Can Be Abused to Run Code at Root