Tag: Exploit

windows

Windows 8.1 Vulnerability Discovered by Google Security Team

Members of Google’s highly-regarded Zero security team have released details about a new privilege exploit they discovered buried deep in the central architecture of Windows 8.1. The exploit works by hijacking the way Microsoft validates impersonation level access keys in system bound processes (such as BITS). It was first reported to representatives at Technet back […]

dridex

New DRIDEX Malware Deploys Macro Technique to Infect Users

According to a recent blog post from security researchers at the threat monitoring group Trend Micro, a new malware known as DRIDEX has been spotted targeting banking institutions and individual customers who log into their financial accounts from their desktops at home. An evolution of the long-defunct CRIDEX bug which made its debut last year, […]

Security Flaw Discovered in OSX Yosemite, Dubbed “Rootpipe”

Details have emerged on Twitter regarding a new exploit for OSX Yosemite that gives hackers the ability to escalate administrative privileges on a compromised machine, and bypass the usual safeguards which are supposed to place a stop on anyone who tries to root the OS through a temporary backdoor. First discovered by Swedish penetration tester […]

hazmat

Ebola-Themed Emails Used To Spread Malware

As of today, 4,881 deaths of Ebola had been reported in West Africa. While the rapid spread of the virus and risk of a pandemic is causing fear around the globe, cyber criminals are trying to exploit the situation as casual email users forget basic security practices in an attempt to keep themselves ‘updated’. Security […]

Google Discovers a Vulnerability in SSL 3.0, Dubbed “Poodle”

This Tuesday, Google announced they had discovered a major vulnerability in the SSL 3.0 protocol. They haven’t released any further details on the scope of the problem or the exact systems it could potentially affect, but stay tuned to VPN Creative for all the latest news as it develops. UPDATE: Google has officially released their […]

iSIGHT

Russian ‘Sandworm’ Virus Discovered, NATO Targeted

Researchers from the security firm iSight have announced their discovery of a new zero-day exploit, Sandworm, that had “wormed” its way into the networks of several major government organizations including NATO and Ukranian institutions. Because of the specific nature of the targets listed, iSight was quick to pick up a trail on the culprits, all […]

Mozilla Patches Flaw in Bugzilla Bug Reporter

In one of the more “Inception-esque” exploits this side of 2014, the security outfit CheckPoint Security have announced they have discovered a crack in Mozilla’s Bugzilla bug reporting software which allowed anyone who knew their way in the ability to view and record all the latest bugs that were appearing in system-wide version revisions of […]

murder

Murder By Internet Could Be A Reality, Say Researchers

The constantly evolving nature of Internet of Everything (IoE) is making us more and more vulnerable to online crimes, a US firm has warned. The scary part is that governments are not prepared to combat this threat of ‘online murder’ as criminals exploit Internet technologies to target their victims. Europol says that in the immediate […]

BadUSB Source Code Published on Github

Back in August of this year, we wrote about a new form of malware called BadUSB, which was capable of infecting billions of devices currently in operation around the globe, everything from mice to keyboard, and even simple flash-based thumb drives. The flaw was originally discovered by researchers at Security Research Labs in Berlin, which […]

Google Threatened With Lawsuit Over Nude Celebrity Pics

Google could be facing a hefty $100 million lawsuit over failing to remove links to nude celebrity photos leaked through iCloud. Lawyer Marty Singer is representing over a dozen celebrities, according to Hollywood Reporter, and has sent a scathing letter to Google over failing to remove the sensitive content from platforms like YouTube and Blogger. […]

WordPress Resets User Passwords After Gmail Leak

In a precautionary move, WordPress.com has reset 100,000 users’ passwords following this week’s Gmail password dump on a Bitcoin forum. “This list was not generated as a result of an exploit of WordPress.com, but since a number of emails on the list matched email addresses associated with WordPress.com accounts, we took steps to protect our […]

No Heartbleed Attacks Before Disclosure, Says Report

This week, researchers from the University of Illinois, Cal Berkeley, Purdue, and the International Computer Science Institute revealed a new report, which alleges that a large majority of the attacks for Heartbleed didn’t take place until after the bug’s public disclosure back in April of this year. Because the SSL vulnerability was only previously known […]

router

Research: Hackers Could Break Wi-Fi Routers in 1 Second

Hackers, commonly, require multiple guess attempts at codes and passwords when they try to break Wi-Fi router security. However, research by the Swiss security firm 0xcite has detailed a flaw in some Wi-Fi router chipsets that enable hackers to bypass the push-button security of WPS (Wi-Fi Protected Setup) instantly. While a common attack takes up […]

Second NZ ISP Launches Global Mode Feature

Undeterred by the advertising bans that its fellow Internet provider has faced, New Zealand ISP Orcon has launched its own VPN-like service that will allow customers in the country to access services like Netflix. The ISP’s service is also called Global Mode, like Slingshot’s service, which has led to a number of New Zealand TV […]

NOAA Slow to Fix Weather Satellite Vulnerabilities

The US National Oceanic and Atmospheric Administration (NOAA) is behind schedule in updating its newest satellite systems and, as a result, is facing serious security vulnerabilities. The Department of Commerce Assistant Inspector General issued an urgent report to NOAA Under Secretary Dr. Kathryn D. Sullivan. The report refers to an audit on NOAA’s IT security […]

Online Dating Scam Pulls Over $1 Million out of Elderly Singles

A new scam on several popular dating sites has been brought to light when a new case was presented in the District Court of Maryland, indicting several members of an underground ring that would scam older women out of their money through promises of gold, jewels, and perhaps most heart-breaking of all…love. The hacker behind […]

911 emergency system

911 Emergency System Is Vulnerable to Hackers

Cyber mayhem has become widespread and has even left 911 emergency system vulnerable to hacks and other security threats. As the emergency phone system has a single point of entry, a single hacking attack can disrupt the entire infrastructure and impact every emergency respondent. It goes beyond than that; as 911 is a critical infrastructure […]

Microsoft Releases Newest Round of Fixes

Microsoft has patched a number of bugs with nine new fixes, most notably updating Internet Explorer. Vulnerabilities that affect Internet Explorer 6 through 11 have been addressed. Some of the flaws discovered by Microsoft could have allowed remote code execution (RCE). “The most severe of these vulnerabilities could allow remote code execution if a user […]

Tails I2P Vulnerability Puts Thousands at Risk

Tails, the OS designed by the same engineers behind the now-infamous Tor protocol, is under threat. Earlier this week, Austin-based zero day vendor Exodus Intelligence revealed that the I2P protocol on which Tails depends to anonymize its movements online, has been compromised by a new packet-sniffing technique that could put its userbase of around 30,000 […]