Gmail was een eerste mailservice dat de veiligheidsnormen MTA-STS en TLS rapportage ondersteuning gelanceerd


According to Google message, Gmail became first big mailing service that supports new safety standards MTA-STS and TLS Reporting. Both standards are extensions for Simple Mail Transfer Protocol (SMTP) that is a protocol used for sending of all emails today. MTA-STS and TLS Reporting assist email-services in establishing cryptographically protected connections with each other. In some kind, it is prevention

Lees verder »

Microsoft report: in March hackers actively used WinRAR vulnerabilities

WinRar hacked

Microsoft published details of Windows-managed attacks on computers in media companies that took place in March. In the attacks, criminals utilized famous WinRAR vulnerability that gained popularity within criminal groups in the latest months. Hackers armed themselves with it immediately after publication by Check Point company, on February 20. That time researchers demonstrated how through this vulnerability code with the

Lees verder »

Hackers gebruikt fout in Yuzo Related Posts plugin voor een massale aanval op WordPress aangedreven websites

Mail service Mailgun was attacked together with more than a thousand of other companies’ sites on Wednesday, april 10. During the attack hackers exploited vulnerability in Yuzo Related Posts plugin that allows establishment of scripting between web-sites (XSS). With its help attackers implemented on vulnerable websites a code that redirects users on malware resources, including fake technical service portals, kwaadaardig …

Lees verder »

Onderzoekers vinden kwetsbaarheden in WPA3 protocol die het mogelijk maken het verkrijgen van Wi-Fi-wachtwoorden


Though Wi-Fi Protected Access III (WPA3) standard released less than a year ago, researchers found significant vulnerabilities in a standard that enable Wi-Fi extraction and network access. WPA3 was created to improve flaws in WPA2 protocol that for a long time was considered unsafe and vulnerable to Key Reinstallation Attack (KRACK). Despite WPA3 protocol relies on safer handshake SAE (Simultaneous

Lees verder »

In de nieuwe patch gecorrigeerd Microsoft 74 bugs, waaronder twee 0-day kwetsbaarheden

Microsoft Corporation issued update package that treats 74 bugs, including two zero-day (0-dag) vulnerabilities in different products. Two recently discovered issues as CVE-2019-0803 and CVE-2019-0859 are vulnerabilities of privilege shift that involve Win32k component. According to Microsoft description, bug exists due to incorrect procession of memory volumes, and its exportation allows using a code in a kernel mode. als een …

Lees verder »

PoC-code for vulnerability in Apache HTTP-server published on GitHub

Developer Charles Fol discovered Carpe Diem (CVE-2019-0211) vulnerability in Apache HTTP Server 2.4. In certain conditions, it allows implementing side code which gives rights of administrator and capturing server management. Charles Fol published PoC-code on GitHub website. In the accompanying comments engineer explained that code has intermediate meaning between demonstrative PoC and valid exploit and has educational purposes. Echter, intruders

Lees verder »

Exodus Spyware Gevonden in Apple iOS-apparaten

The Exodus spyware was signed with legitimate Apple developer certificates. The government spyware Exodus, which was previously found in 25 different applications on Google Play, is now ported to iOS as well. This is a warning researchers Lookout Security. Spy Exodus can extract user contacts, record conversations, intercept photos and track location. Volgens experts, the iOS version of this

Lees verder »