A spambot going by the auspicious name of Onliner Spambot has compromised 711 million email addresses and passwords. This was discovered when security researcher Benkow came across a web server tha…
Quelle: Onliner Spambot server breaches 711 million email addresses and passwords
Javvad Malik & Chris Doman of AlienVault on why getting the basic stuff done is more useful than AI right now.
Quelle: IDG Connect – Be warned: AI won’t fix all your security issues
A detailed explanation of how malicious hackers use vulnerable web applications to bypass firewalls and hack other web applications on the local network.
Quelle: Vulnerable Web Applications on Developers Computers Allow Hackers to Bypass Corporate Firewalls
For ransomware enthusiasts, the April release of stolen NSA Windows exploits is a gift that will not stop giving. Just weeks after the Shadowbrokers‘ „Lost
Quelle: Preventing the Next Petya: Block New Exploits by Defending Old Vulnerabilities | McAfee Blogs
The developer of a tool named Eternal Blues that scans for computers vulnerable to the NSA’s ETERNALBLUE exploit has published statistics gathered from the app’s usage.
Quelle: App Finds More Than 50,000 Computers Vulnerable to ETERNALBLUE Exploit
Adobe only fixed six vulnerabilities in two products, making it the company’s smallest security bulletin of the year.
Quelle: Adobe Fixes Six Vulnerabilities in Flash, Connect
Fewer than 10% of top news and sport websites use basic security protocols to protect content, study finds.
Quelle: News and sports websites ‚vulnerable to attack‘ – BBC News
SambaCry is using a vulnerability in Samba installations to compromise Linux machines and use them as victims in a large cryptocurrency (Bitcoin or Monero or any other currency) mining process, also enables a remote attacker to hack into affected Linux systems. Samba said in a security advisory: “All versions of Samba from 3.5.0 onwards are […]
Quelle: Hackers now exploiting SambaCry vulnerability to attack Linux! – Tech World
Photo credit: wdstockDoes this scenario look familiar to you?Monday – “Roll up your sleeves, people! We’re going to patch some security vulnerabilities this week! I can FEEL it!”Tuesday – “Reports are sent out and tickets have been created. They can’t ignore all those Highs and Critical CVEs THIS time!”Wednesday – “I haven’t heard back from anyone yet. Maybe they’re so busy patching, they forgot to message me.
Quelle: The Problem with Vulnerability Management