After Samsung had failed to renew the domain of one of their pre-installed apps, millions of users were left open to malware attacks. The app S Suggest that was part of the older Samsung smartphones is still active on millions of devices. Its purpose was to help users by suggesting which other popular apps they […]
Millions of Android users left vulnerable due to Samsung’s ignorance Read More »
Giving children the opportunity to learn about cybersecurity is beneficial for a million different reasons. For starters, the younger you teach them the more (and faster) they learn. While most kids will go to camp for kayaking, cheerleading, or basketball, the kids local to Pensacola have the chance to do something a little different. Spending
National Flight Academy to Implement Cybersecurity Camp for Pensacola Children Read More »
When it comes to simplicity, keystroke injection attacks are ideal. With the tools available in today’s cybersecurity market, the execution of a keystroke injection attack is both easy and effective. The most popular and easily retrieved tool on the market is Hack5’s USB Rubber Ducky. Read more
What Is a USB Rubber Ducky and How Is It Used? Read More »
It’s been said a million times before: security scanning tools are a necessity for pen-testing, information gathering, and sometimes general computer use. When fulfilled, a security scanner can give you a head start on upgrading your security applications. For pen-testers, a security scanner can be the making or breaking of an important job. Due to
Installation and Use of Nessus in Vulnerability Scanning Read More »
Stop us if you’ve heard this one: an emergency access feature offered by RSA for SecurID token customers isn’t completely secure. That’s the opinion of pentest outfit Netspi, whose Alexander Leary worked out how to abuse the SecurID Emergency Access Tokencodes (EAT). The use-once codes are intended to provide a temporary access mechanism for someone
RSA SecurID admin console can issue emergency access to decent social engineers Read More »
Stop us if you’ve heard this one: an emergency access feature offered by RSA for SecurID token customers isn’t completely secure. That’s the opinion of pentest outfit Netspi, whose Alexander Leary worked out how to abuse the SecurID Emergency Access Tokencodes (EAT). The use-once codes are intended to provide a temporary access mechanism for someone
RSA SecurID admin console can issue emergency access to decent social engineers Read More »
A new study has warned that third-party trackers litter banking websites and the privacy-invading tech is being used to rate surfers’ creditworthiness. Among the top 10 financial institution websites visited in the US and UK, there are 110 third-party trackers snooping on surfers each time they visit. Online privacy firm eBlocker reports that PNC Bank has
Banking websites are ‘littered with trackers’ ogling your credit risk Read More »
A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn. UK-based security consultancy Pen Test Partners said that the issue stems from a zero-day (unpatched) flaw in networking software from Chinese manufacturer XiongMai. Pen Test Partners has been researching DVR security since
Today, June 15th 2017, WikiLeaks publishes documents from the CherryBlossom project of the CIA that was developed and implemented with the help of the US nonprofit Stanford Research Institute (SRI International). CherryBlossom provides a means of monitoring the Internet activity of and performing software exploits on Targets of interest. In particular, CherryBlossom is focused on
Hydra is a password guessing (cracking) tool that can be used in a wide range of situations, including with the forms-based authentication commonly used in web applications. It is a quick and stable network login hacking tool which uses dictionary or brute-force attacks to try several passwords and login combinations against a login page. Of
What is Hydra in hacking? Read More »