Security Alerts & News
by Tymoteusz A. Góral

History
#669 American Samoa domain registry was exposing client data since the mid-1990s
A British security researcher that goes online only by the name of InfoSec Guy revealed today that American Samoa domain registry ASNIC was using an outdated domain name management system that contained a bug allowing anyone to view the personal details of any .as domain owner.

The researcher also claims that anyone knowing of this bug would have been able to edit and delete any .as domain, just by altering the ASNIC domain info URL.

"By simply Base64 encoding an .as domain name and appending it to an URL on the nic.as website, it was possible to view the entire domain record for the domain (including unencrypted passwords for domain owners, technical contacts, and billing contacts)," the researcher wrote on his blog two days ago.
Read more
#670 Kaspersky DDoS Intelligence Report for Q1 2016
#669 American Samoa domain registry was exposing client data since the mid-1990s
#668 Malware and non-malware ways for ATM jackpotting.
#667 Users are patching Windows, but QuickTime and Java vulnerabilities remain, says Secunia
#666 Former Tor developer created malware for the FBI to hack Tor users
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12