You Are Here: Home » Posts tagged "attack"

Hackers Can Attack Social Logins to Impersonate Users, IBM Study Shows

Cyber-criminals can exploit social logins, such as the “Sign In With Facebook/LinkedIn/etc” buttons, to hijack accounts and impersonate users through a technique dubbed SpoofedMe, according to IBM research. To run the attack, hackers register a spoofed account at a vulnerable identity provider using the victim’s email address. Cyber-criminals can then post misleading information and even malware on victims’...

Tor Admins Call for Calm after Research Attack Reveals 81 Percent of Users

The Tor project has called for calm despite research that shows 81 percent of users could be identified using Cisco's NetFlow technology, according to The Register. The study revealed that powerful attackers such as nation-state hackers could reveal Tor users' identity with a false-positive rate of 6.4 percent, while an autonomous system could reveal about 39 percent of users. The paper On the Effectiveness...

MD5 Hash Broken via Collision Attack of Less Than $1

The MD5 hash collision attack that hijacked the Windows Update system back in 2012 was replicated with just 65 US cents worth of cloud computing fees, according to Nathaniel McHugh's blog post. The MD5 collision attack has been previously used by the Flame malware that spoofed its signing code with the one from Microsoft’s certificates using MD5 hash algorithm. McHugh used an open source application dubbed...

Drupal Core SQL Injection Vulnerability Leveraged in Drive-by Attacks

The Drupal Core SQL vulnerability disclosed two weeks ago has been recently leveraged in automated attacks aiming to compromise websites, according to an announcement by Drupal "Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 - Drupal core - SQL injection," Drupal advised. "You should proceed under th...

Apple’s Four-Digit Passcodes Still a Weak Link in iOS8 Encryption, Researcher Says

Apple's newly revised encryption system from iOS 8 is susceptible to brute-force attacks in certain circumstances as users pick four-digit passcodes, according to Joseph Bonneau's research. The new encryption system adopted in iOS 8 concerned US law enforcement because Apple would lack access to the encrypted user data, though it can still be vulnerable in some circumstances. "Users with any Simple Passcode...

EA and Activision Servers Hit by Lizard Squad; DDoS against FIFA, Madden, Sims 4, Call of Duty and Destiny

The hackers collective Lizard Squad has disrupted a series of EA and Activision servers in the past two weeks, according to Forbes. The distributed denial-of-service (DDoS) attack seems to have temporarily taken down popular titles such as EA's FIFA, Madden and Sims 4, as well as Activision's Destiny and Call of Duty: Ghosts. "We're predicting a lot of mad gamers this weekend," the hackers tweeted."Woah, I...

TOR Users Allegedly De-anonymized due to “Relay Early” Attack

Tor users may have been de-anonymized due to a ‘relay early’ attack that spawned from February 2014 to July 4, according to The Tor Project’s blog post. Tor is a complex network of virtual tunnels focused on privacy and anonymity of its users from surveillance. So far it was alleged by Gizmodo that the attack came from the Carnegie Mellon's CERT researchers who recently canceled their BlackHat talk on Tor u...

Evernote and Feedly Disrupted by Distributed Denial-of-Service Attacks

Services of online notes and web clipping service Evernote were disrupted today by a distributed denial-of-service attack, the company announced on Twitter.  RSS reader Feedly’s services were also disrupted in a separate attack at the same time. The services of Evernote were up and running again three hours after the second announcement. So far the source of the attack is unknown as it started on Tuesday at...

Game Website Wurm Offers 10,000 Euro Reward for Hackers behind DDoS

Free online game website Wurm is offering a 10,000 euro ($13,000) reward for details on the culprits behind the recent DDoS attack that affected its servers, according to The Hacker News. The multiplayer game was hacked hours after their 1.2 update. “Shortly after today’s update we were the target of a DDOS attack and our hosting provider had to pull us off the grid for now,” game developer Rolf Jansson sai...

Largest DDoS Attack in History Signals ‘Start of Ugly Things to Come’

The biggest DDoS attack in history that exploited a Network Time Protocol vulnerability has been recorded this week, according to the BBC. The attack measured 400+ gigabits per second - 100 Gbps larger than the one on Spamhaus. The Network Time Protocol (NTP) is a clock synchronization network protocol between computer systems, operational since 1985. Even if changes were made, the operation process is stil...

© 2012 Powered By Bitdefender

x
Loading...
Scroll to top