security

WannaCry Ransomware – Executive summary

If you want news from the IT Security industry, please check IT Security News here: http://www.itsecuritynews.info/?s=WannaCry This is my summary, inspired by various sources on the web mentioned in the Sources (see at the end). The ransomware WannaCry has infected systems across the globe and has been the topic of discussion among security professionals for quite some days now. The WannaCry ransomware attack – 5 things you need to know A ransomware attack of “unprecedented level” (Europol) started spreading WannaCry ransomware around the world on Friday, May 12, 2017, around 11 AM ET/3PM GMT. Until now, hundreds of thousands…


Google Search Console fail over notifications for the WordPress updates

I have quite a lot of WordPress-based websites which I run and maintain. One of these is this blog: www.SorinMustaca.com All my WordPress websites are configured to autoupdate to the latest WordPress update. The same applies to their plugins and themes. Google Search Console (GSC) is a tool I used to better manage the registration of my websites with the search engine and their advertising platform Adsense. Yesterday evening I received a couple of emails, one for each of my websites registered with the GSC: Here is the text: Recommended WordPress update available for http://sorinmustaca.com/ To: Webmaster of…



Scary to see details of the World’s Biggest Data Breaches

Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ No worries, the chart is very interactive and you can select what you want to see by changing the filter: The problem is that if you select as in the screenshot below, you will not see anything anymore. This is scary! Statistics? Actually, the data is scary: it seems that at any point in time there was a breach. Here is the source of the data: https://docs.google.com/spreadsheet/ccc?key=0AmenB57kGPGKdHh6eGpTR2lPQl9NZmo3RlVzQ1N2Ymc&single=true&gid=2&range=A1%3AW400


Vulnerability analysis: how “HTTPoxy” allows redirect of web applications http-queries

This is a guest post written by Alex Bod, Information Security Researcher and the founder of the Gods Hackers Team. The information about a set of vulnerabilities called HTTPoxy was published on July 18. Using this, attackers can replace the HTTP_PROXY environment variable, which allows them to redirect the HTTP queries of web applications to their own resources. The vulnerability was identified in partnership with the developer Dominic Scheirlinck, who in his blog talked about how the vulnerability was discovered by his colleagues during the analysis of one of the tickets received by support. How it works Scheirlinck explains in…



Yahoo was hacked in 2014 and lost the credentials of over 500Mil accounts

Oh boy…. they were hacked two years ago and they say it was a “state sponsored attack”. What the hack is that?! How do you differentiate a hack done by an employee from a state sponsored attack? Let’s take it step by step: Yahoo has started to write to all affected customers this email: https://s.yimg.com/sf/support/en-us-security-notice-content.pdf Below is the text of the email notice sent by Yahoo to potentially affected users. Please note that the email from Yahoo about this issue does not ask you to click on any links or contain attachments and does not request your personal information. If an…


Dropbox was breached in 2012, the data is now online – a quote in SecurityWeek

68 Million Exposed in Old Dropbox Hack

By Ionut Arghire on August 31, 2016

In an email response to a SecurityWeek inquiry, IT security expert Sorin Mustaca said that the surprising fact is that the 2012 hack of Dropbox didn’t emerge earlier, along with the other mega-breaches. He also notes that the use of the SHA1 hashing algorithm with salting improves the security of these passwords. “Fortunately, Dropbox was using the SHA 1 hashing algorithm (today this is not considered “strong” anymore) and it was using salting even in 2012 – an operation that many other services don’t do even…


How to easily secure your smartphone

Most people these days have a smartphone. These phones are actually no longer just mobile phones; in reality they are powerful mobile computers with several GB of RAM, multicore CPUs and many GB of storage. Despite these characteristics, which bring them closer to computers than to phones, most of their users don’t consider security and privacy in the way they should with their personal mobile computers. Actually, users are split into two categories: those who care about security and privacy and those who don’t. The advice below is meant to address both categories and is sorted according to the difficulty…


Social engineering at its best: ransomware delivery methods

I already wrote about Ransomware (and here), but in a more generic way than I will do now. From me to me, with the subject “Documents from work”, is the email of a new Locky ransomware. Attached is a Word document containing macros. In the document (which is actually an archive) is a file called word\vbaProject.bin. That file seems to be the trigger that downloads the ransomware binary. This is the link to the VirusTotal detection: https://virustotal.com/en/file/28ba8362af69958964bf8d7e23664cddc625e67b55ff5d5e95e9feef74158e96/analysis/1469020147/ At the moment of writing this post, 30/53 engines detect it. My goal here is not to analyze the ransomware, but the delivery….

