Wednesday, November 4, 2015

vBulletin password hack fuels fears of serious Internet-wide 0-day attacks

Developers of the vBulletin software package for website forums released a security patch Monday night, just hours after reports surfaced that a hack on the developers' site leaked password data and other sensitive information belonging to almost 480,000 subscribers.

vBulletin officials have put in place a mandatory password reset for all users after discovering it was subjected to a hack attack. They went on to warn that the attacker "may have accessed customer IDs and encrypted passwords on our system." A separate post on the vBulletin site makes reference to a security patch for versions 5.1.4 through 5.1.9 of the vBulletin Connect software package.

Sunday, August 3, 2014

Attackers Compromise TOR Network to De-Anonymize Users of Hidden Services


A critical vulnerability in Tor, an encrypted anonymizing network considered to be one of the most privacy-oriented services and used by online users to hide their activities from law enforcement, government censors and others, was probably being used to de-anonymize Tor users, the Tor Project warned on Wednesday.

115 MALICIOUS TOR RELAYS WERE DE-ANONYMIZING USERS

According to a security advisory, the Tor team found a group of 115 malicious fast non-exit relays (6.4% of the whole Tor network) that were actively monitoring the relays on both ends of a Tor circuit in an effort to de-anonymize users.

Wednesday, June 25, 2014

Seven tips for securing your Facebook account | CNET

Facebook can be a tricky beast when it comes to keeping your account private and secure. Here are seven tips to help you tame it.

Friday, December 13, 2013

Hacker fined $183,000 for just one minute of DDoS attack

Eric Rosol, a 38-year-old hacker who joined an Anonymous hacker attack for just one minute, has been sentenced to two years of federal probation and ordered to pay a $183,000 fine. Yes, you read that right: a $183,000 fine for just 1 minute of DDoS attack.

In 2011, Eric participated in a distributed denial-of-service (DDoS) attack organized by hacker collective Anonymous against the servers of Koch Industries. 

The DDoS attack was organized in opposition to Koch Industries’ reported weakening of trade unions. 

Bots now running the Internet with 61 percent of Web traffic

With much trepidation, I must report that there is a pretty good chance that half the visitors to this story will not be human.

According to a recent study by Incapsula, more than 61 percent of all Web traffic is now generated by bots, a 21 percent increase over 2012.

Much of this increase is due to "good bots," certified agents such as search engines and Web performance tools. These friendly bots saw their proportion of traffic increase from 20 percent to 31 percent.

Thursday, July 4, 2013

Multiple vulnerabilities in ZPanel 10.0.2 - POC

When I started to set up ZPanel on my private server for the first time, I was really curious how secure it is, so I started looking through the ZPanel source code for vulnerabilities. After hours of digging through the source, I managed to find 2 security flaws.
The first one (and most important) is the LFI (Local File Inclusion), which I found in the file getdownload.php, located in /etc/zpanel/panel/modules/backupmgr/code/.