Security Alerts & News
by Tymoteusz A. Góral

History
#1974 Finding Ticketbleed
Ticketbleed (CVE-2016-9244) is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, like in Heartbleed.

If you suspect you might be affected by this vulnerability, you can find details and mitigation instructions at ticketbleed.com (including an online test) or in the F5 K05121675 article.
Read more
#1978 Google Project Zero: How we cracked Samsung's DoD and NSA-certified Knox
#1977 AthenaGo RAT uses Tor2Web proxy system to hide C&C server
#1976 DynA-Crypt not only encrypts your files, but also steals your info
#1975 Newly discovered flaw undermines HTTPS connections for almost 1,000 sites
#1974 Finding Ticketbleed
#1973 Google let scammers post a perfectly spoofed Amazon ad in its search results
#1972 The startup paying people to legally hack Uber, Nintendo, and Starbucks just got another $40 million to keep growing
#1971 Fileless attacks against enterprise networks
#1970 Mirai gets a Windows version to boost distribution efforts
#1969 This modular backdoor malware is now the most common threat to Android smartphones
#1968 Mac malware, possibly made in Iran, targets US defense industry
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12