Month: September 2017

  • High-severity flaw opens Siemens Industrial Switches to attacks

    Siemens has started releasing security patches to fix a high severity access control vulnerability in its industrial switches tracked as CVE-2017-12736. The flaw was discovered by experts at Siemens and could be exploited by remote attackers to hack some of Siemens industrial communications devices. Read full news article on Security Affairs  

  • Hackers compromised over 50,000 accounts of ‘Kinopoisk’ website to change rating of movie ‘Crimea’

    Hackers compromised over 50,000 user accounts of the Kinopoisk(Movie Search) website – One of the leading online database for movies in Russia. The main goal of hackers was increasing the rating of a film “Crimea”, which was expected on the screens. Read full news article on E Hacking News  

  • Writing SSL Proxy, Part I: Routing

    RavenDB 4.0 uses x509 client certificates for authentication. That is good because it means that we get both encryption and authentication on both ends, but it does make it more complex to handle some deployment scenarios. Read full news article on Dzone  

  • Phish For The Future – spear-phishing attacks target Internet Freedom Activists

    EFF published the report on “Phish For The Future,” an advanced persistent spearphishing campaign targeting Freedom Activists. The Electronic Frontier Foundation (EFF) confirmed that a sophisticated spear-phishing campaign targeted the employees of Internet freedom NGOs “Free Press” and “Fight for the Future” The EFF revealed that it is aware at least 70 attempts to steal the credentials of…

  • Three Sexy Enterprise Infrastructure Innovators

    While these startups are all relatively new to the market, they are all experiencing healthy customer traction – essential to my decision to include them here. Read full news article on Forbes.com  

  • Google reveals why it killed NFC Smart Lock in Android

    It recently came to light that Google had killed off NFC Smart Lock in Android — without telling anyone. Now the company has come clean about just why the feature was given the chop. Read full news article on BetaNews  

  • Millions of Macs open to EFI Firmware Hacks even if they are up-to-date

    A group of researchers with Duo Security demonstrated that millions of Up-to-Date Apple Macs are vulnerable to EFI Firmware attacks. In 2015, the security researcher Trammell Hudson demonstrated at the Chaos Computer Congress in Hamburg, how it is possible to infect Apple Mac PCs exploiting the Thunderbolt port. Read full news article on Security Affairs  

  • 6 Essential Leadership Questions For Equifax

    Here are 10 leadership questions that Equifax should address in the wake of its historic credit breach. Read full news article on Forbes.com  

  • Article: A 4-Step Guide to Building Continuous Security Into Container Deployment

    Containers face security risks at every stage, from building to shipping to the run-time production phases. Securing them requires a layered strategy throughout the stack and the deployment process. Read full news article on InfoQ  

  • How Good Are Equifax’s Identity Protection Offerings?

    massive Equifax data breach has been unrelenting since the credit bureau publicly disclosed its lapse at the beginning of September. It’s difficult to keep up with all the company’s blunders, not to mention the complicated fiscal policy and regulatory debates the incident has fueled. Read full news article on Webmonkey  

  • Hikvision Security Cams Compromised to Display “HACKED”

    If you own Hikvision security cameras you would have noticed the sudden change in the live feed display where the normal footages were replaced with the term HACKED. However, it isn’t the case with all Hikvision security cameras but only some of them but if you are the owner of one such camera then it…

  • Crooks spreads backdoor devised as a security WordPress Plugin

    Experts from Sucuri discovered crooks are spreading a fake WordPress plugin dubbed X-WP-SPAM-SHIELD-PRO containing a backdoor. A fake WordPress plugin dubbed X-WP-SPAM-SHIELD-PRO containing a backdoor was spread by crooks abusing the popularity of WP-SpamShield Anti-Spam, a WordPress antispam tool. Read full news article on Security Affairs