This blog post is a summary of this weeks Information Security News put together by our Security Incident Response Team (SIRT). Thousands of breached websites turn up on MagBo Black market The research team said it has shared its findings with law enforcement and victims are being notified. A newly-discovered underground marketplace has been peddling […]
About abel de kat angelino
This author has yet to write their bio.
Meanwhile lets just say that we are proud abel de kat angelino contributed a whooping 7 entries.
Huge Cryptomining Attack on ISP-Grade Routers Spreads Globally Carrier-grade MikroTik routers are delivering potentially millions of daily cryptomining pages to the attacker. A massive hacking campaign has been uncovered, compromising tens of thousands of MikroTik routers to embed Coinhive scripts in websites using a known vulnerability. So far, Censys.io has reported more than 170,000 active […]
Intel tells remote keyboard users to delete app after critical bug found. On Tuesday, Intel warned of a critical escalation of privilege vulnerability (CVE-2018-3641) in all versions of the Intel Remote Keyboard that allows a network attacker to inject keystrokes as if they were a local user. The vulnerability received a Common Vulnerabilities and Exposure […]
Netflix could pwn 2020s IT security – they need only reach out and take The container is doomed, killed by serverless. Containers are killing Virtual Machines (VM). Nobody uses bare metal servers. Oh, and tape is dead. These, and other clichés, are available for a limited time, printed on a coffee mug of your choice […]
Memcrashed – Major amplification attacks from UDP port 11211 Over last couple of days we’ve seen a big increase in an obscure amplification attack vector – using the memcached protocol, coming from UDP port 11211. The general idea behind all amplification attacks is the same. An IP-spoofing capable attacker sends forged requests to a vulnerable […]
Apple fixes that “1 character to crash your Mac and iPhone” bug Apple has pushed out an emergency update for all its operating systems and devices, including TVs, watches, tablets, phones and Macs. The fix patches a widely-publicised vulnerability known officially as CVE-2018-4124, and unofficially as “one character to crash your iPhone”, or “the Telugu […]
Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”. For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure […]