Security Alerts & News
by Tymoteusz A. Góral

History
#467 99 problems but two-factor ain’t one
Two-factor authentication is a best practice for securing remote access, but it is also a Holy Grail for a motivated red team. Hiding under the guise of a legitimate user authenticated through multiple credentials is one of the best ways to remain undetected in an environment. Many companies regard their two-factor solutions as infallible and do not take precautions to protect against attackers’ attempts to bypass or backdoor them.
Read more
#478 After Verizon breach, 1.5 million customer records put up for sale
#477 850 million Android devices still at risk of hijack by Stagefright bug
#476 Emergency Java patch re-issued for 2013 vulnerability
#475 Certified Ethical Hacker website caught spreading crypto ransomware
#474 Google releases new tool to scan Android apps for accessibility issues
#473 Iranians indicted over DDoS campaign on banks
#472 Patched Apple bug paved way to root compromises
#471 PNG Embedded – Malicious payload hidden in a PNG file
#470 Malware is being signed with multiple digital certificates to evade detection
#469 Operation C-Major: Information theft campaign targets military personnel in India (PDF report)
#468 11 enterprise security solutions tested under Windows 10
#467 99 problems but two-factor ain’t one
#466 Vulnerability in 70 CCTV DVRs traced back to Chinese firm who ignores researcher
#465 Apple worries that spy technology has been secretly added to the computer servers it buys
#464 Google opens access to its speech recognition API, going head to head with Nuance
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12