21
Nov

FTC Shutters $120 Million Tech Support, Bogus Software Scam

The FTC and a Florida federal court issued temporary restraining orders against a number of organizations and individuals involved in a massive telemarketing operating selling bogus software and support.

21
Nov

Backdoored CMS Plugins Used to Hijack Web Servers

Malicious CMS Plugins Used to Hijack Web Servers For Black Hat SEO
Thousands of backdoored plugins and themes for popular content management systems (CMS) are being leveraged by a threat group to abuse Web servers on a large scale.
read more

21
Nov

Radware Launches Hybrid DDoS Attack Protection Solution

Radware, a company best known for its DDoS attack mitigation and application deliver appliances, this week announced a new hybrid solution designed to help enterprise organizations detect and protect against sophisticated and volumetric DDoS attacks.
read more

21
Nov

Threatpost News Wrap, November 21, 2014

In this week's news wrap podcast, Threatpost editors discuss an out-of-band Microsoft patch, the compromised Joomla and WordPress plug-inattack campaign and the Detekt anti-surveillance tool.​

21
Nov

Buffer Overflow Haunts Advantech WebAccess SCADA Product

The ICS-CERT is warning users about a stack buffer overflow in the Advantech WebAccess SCADA product that could lead to arbitrary code execution. Advantech WebAccess is a SCADA and human-machine interface product that’s accessible over the Web. It’s used in a variety of industries, including energy, manufacturing, government and the commercial sector. The vulnerability affects […]

21
Nov

WordPress 4.0.1 Update Patches Critical XSS Vulnerability

The latest version of WordPress, 4.0.1, patches a critical cross-site scripting vulnerability in comment fields that enables admin-level control over a website.

21
Nov

Hands on with Caine Linux: Pentesting and UEFI compatible

Here's my take on Computer Aided INvestigative Environment - a Linux-based, UEFI-compatible LIVE USB/DVD digital forensic system.

21
Nov

Zero Day Weekly: WhatsApp, Blackphone, Citadel hits password managers

A collection of notable security news items for the week ending November 21, 2014. Covers enterprise, controversies, reports and more.

21
Nov

WordPress 4.0.1 Released to Address Critical XSS, Other Vulnerabilities

With the release of WordPress 4.0.1, the developers of the popular blogging tool and a content management system (CMS) have addressed several vulnerabilities, including a critical flaw that could have been exploited to compromise websites.
read more

21
Nov

Siemens Fixes Critical Vulnerabilities in WinCC SCADA Products

Vulnerabilities Expose SCADA Systems to Remote Attacks
Siemens has released software updates to address two critical vulnerabilities in its SIMATIC WinCC supervisory control and data acquisition (SCADA) system, one of which could be exploited remotely by an unauthenticated attacker.
read more

Pages

Subscribe to SecGeeks - Information Security Tools, Blogs, Botnets, Vulnerability, Reversing RSS