LIVE HACKING

Oracles releases critical security update for Java, Apple follows suit

Ethical Hacker — Wed, 19 Jun 2013 07:06:46 +0000

(LiveHacking.Com) – Oracle has released a critical patch update for Java that address at least 40 security vulnerabilities, 37 of which may be remotely exploitable without authentication, meaning they can be exploited over a network without the need for a username and password. The new version of Java is Java 7 update 25 and it is [...]

Microsoft clarifies position on passing vulnerability information to US government

Ethical Hacker — Tue, 18 Jun 2013 10:12:56 +0000

(LiveHacking.Com) – The repercussions of Edward Snowden revelations about the National Security Agency’s Prism surveillance system are still occurring and attention has now turned to the role that security vulnerabilities play in the surveillance done by the NSA. A few days ago US news agency Bloomberg claimed that Microsoft provides the US government with information on [...]

Microsoft disrupts half billion dollar Citadel botnet

Ethical Hacker — Fri, 07 Jun 2013 10:23:20 +0000

(LiveHacking.Com) – Microsoft’s Digital Crimes Unit, together with the the FBI and several different financial services companies, has disrupted more than 1,400 Citadel botnets that were responsible for over half a billion dollars in losses to individuals and businesses worldwide. The massive cybercrime operation was responsible for stealing people’s online banking information and personal identities. Citadel [...]

Apple updates OS X and Safari to fix critical security issues

Ethical Hacker — Wed, 05 Jun 2013 10:11:21 +0000

(LiveHacking.Com) – Apple has released updates for Mac OS X 10.6.8, OS X Lion v10.7.5, OS X Mountain Lion v10.8 and v10.8.3 to fix a range of Critical security vulnerabilities including a fix for an error that could allow a remote attacker to execute arbitrary code with system privileges on Macs with Directory Service enabled. At [...]

Sky hacked by the Syrian Electronic Army

Ethical Hacker — Tue, 28 May 2013 05:59:58 +0000

(LiveHacking.Com) – Several apps belonging to British Sky Broadcasting (Sky) have been removed from Google’s official Android app store following an attack on Sky by the Syrian Electronic Army. The SEA also hacked into one of Sky’s Twitter accounts where it urged readers to download the new defaced apps. The SEA aligns itself with Syrian President Bashar al-Assad, but [...]

Microsoft and Adobe release patches for Critical vulnerabilities

Ethical Hacker — Wed, 15 May 2013 15:04:12 +0000

(LiveHacking.Com) – Two of the biggest names in PC software have released patches for a variety of their respective software products to fix critical security related issues. Microsoft has released 10 security bulletins to address 33 vulnerabilities Microsoft Windows, Internet Explorer, .NET Framework, Lync, Office, and Windows Essentials. While Adobe has issued security updates for Flash Player, Adobe Reader, Acrobat and [...]

Microsoft releases Fix It for critical Internet Explorer 8 vulnerability

Ethical Hacker — Thu, 09 May 2013 14:15:45 +0000

(LiveHacking.Com) – Less than a week ago Microsoft revealed that version 8 of its web browser Internet Explorer suffers from a nasty remote code execution vulnerability that could catch users if they mistakenly follow a link, in an email or instant message, to a malicious website. Microsoft’s initial recommendation was to upgrade to IE 9 or [...]

China suspected to be behind U.S. Army Corps of Engineers database hack

Ethical Hacker — Fri, 03 May 2013 13:46:44 +0000

(LiveHacking.Com) – U.S. intelligence agencies are treating a recent cyber attack and subsequent intrusion into a database belonging to the U.S. Army Corps of Engineers as a cyber attack from China. According to the Free Beacon, U.S. intelligence agencies have traced the hack to the Chinese government or military cyber warriors. The compromised database belonged to the U.S. Army Corps of [...]

Microsoft patches Kernel-Mode driver after blue screen of death issues

Ethical Hacker — Wed, 24 Apr 2013 08:10:12 +0000

(LiveHacking.Com) – Microsoft has released a new patch to replace the Kernel-Mode driver update which was released as part of April’s Patch Tuesday. Problems started to arise with the update and Microsoft had to pull the patch. Peculiar to Windows 7, the patch could put systems into a situation where they failed to recover from a reboot (as [...]

Oracle updates Java, as does Apple

Ethical Hacker — Wed, 17 Apr 2013 06:28:11 +0000

(LiveHacking.Com) – Oracle has released a Critical Patch Update (CPU) for Java SE. The update, which affects Java 5, Java 6 and Java 7, fixes 42 vulnerabilities within Java, the vast majority of which have been rated as the Critical. Besides the fixes, the biggest change is to the Java security dialogs. Now JavaScript code that calls code within [...]

Microsoft’s Patch Tuesday Kernel-Mode driver update causing problems

Ethical Hacker — Mon, 15 Apr 2013 08:39:21 +0000

(LiveHacking.Com) – Last Tuesday Microsoft released nine security bulletins to address 14 different vulnerabilities in its products including one to fix vulnerabilities in Windows’ Kernel-Mode Driver that could allow an attacker to gain elevated privileges. Following the released of the patches reports started to appear about Windows 7 systems that fail to recover from a reboot (as they [...]

Microsoft fixes Critical IE and Remote Desktop flaws

Ethical Hacker — Wed, 10 Apr 2013 09:09:35 +0000

(LiveHacking.Com) – Microsoft has released a series of nine security bulletins, (two Critical and seven Important) to fix 14 different vulnerabilities in a range of its products including Microsoft Windows, Internet Explorer, Microsoft Antimalware and Windows Server Software. The first of the two Critical level bulletins patches Internet Explorer against a remote code execution attack which could [...]

Microsoft to patch critical flaws in Windows and IE on Tuesday

Ethical Hacker — Fri, 05 Apr 2013 12:18:55 +0000

(LiveHacking.Com) – Microsoft has released its customary advanced warning about security vulnerabilities that it plans to fix during its next Patch Tuesday. April’s update will contain nine bulletins, two of which are marked as Critical. The Critical bulletins address vulnerabilities in Microsoft Windows and Internet Explorer. The remaining seven are tagged as Important and will address [...]

Misconfigured Amazon S3 storage buckets exposing private data

Ethical Hacker — Fri, 29 Mar 2013 06:59:11 +0000

(LiveHacking.Com) – Some recent research has shown that thousands of Amazon customers are configuring their storage services incorrectly leading to potentially sensitive data being exposed on the Internet. Amazon offers a cloud storage solution called Amazon Simple Storage Services, or S3 for short. This storage can be used to storage almost anything and is often used by businesses for private data like backups, [...]

Critical updates for Apple TV and iOS available

Ethical Hacker — Wed, 20 Mar 2013 07:46:11 +0000

(LiveHacking.Com) – Apple has released critical security updates for two of its most popular operating systems – Apple TV and iOS. The two operating systems, one which powers Apple’s TV media box and the other which powers the iPhone, iPad and iPod touch, are closely related and based on much of the same code. Apple TV Apple TV [...]

Microsoft and Adobe release patches to fix critical vulnerabilities

Ethical Hacker — Wed, 13 Mar 2013 08:00:28 +0000

(LiveHacking.Com) – For March’s Patch Tuesday Microsoft has released seven bulletins, four Critical-class and three Important-class. The bulletins address 20 vulnerabilities in total across several Microsoft products including Windows, Office, Internet Explorer, Server Tools, and Silverlight. Likewise Adobe has released a security update for its popular Flash Player to address vulnerabilities that could potentially allow a hacker [...]

Oracle patches Java vulnerabilities being exploited in the wild

Ethical Hacker — Tue, 05 Mar 2013 06:57:41 +0000

(LiveHacking.Com) – Oracle has rushed out an emergency patch to address two Java vulnerabilities, one of which is being actively exploited by attackers to maliciously install the McRat malware onto victim’s PCs. Both vulnerabilities affect the 2D component of Java SE. Targeting Java running in the browser, these vulnerabilities are not applicable to Java running on servers, standalone [...]

Evernote hacked, forces 50 million users to reset password

Ethical Hacker — Mon, 04 Mar 2013 07:18:27 +0000

(LiveHacking.Com) – Over the weekend Evernote, the cloud based information storage company, revealed that it had discovered suspicious activity on its servers by hackers trying to access secure areas where user’s “notes” and files are kept. During the follow up investigation, Evernote discovered that the hackers had gained access to user information, which includes usernames, email addresses, [...]

The Top Six Benefits of Event Log Analyzers

GFI Software — Fri, 01 Mar 2013 06:51:00 +0000

One of the best applications you can add to your systems administration toolset is an event log analyzer. These applications enable administrators to go from reactive management to proactive management, which is good for all concerned. The business has better uptime, management is happy, and the admins don’t get calls in the middle of the [...]

More zero-day vulnerabilities found in Java

Ethical Hacker — Thu, 28 Feb 2013 18:00:34 +0000

(LiveHacking.Com) – Java was last updated only a few days ago when Oracle released an updated patch for Java SE to included five additional fixes that did not make it into the original patches delivered on February 1st. Now Adam Gowdiak, from Security Explorations, has posted to the full disclosure mailing list revealing details of two [...]