Linux Hacks & Cracks - Page 73

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

U.S. Investigation into China-Backed Telecom Companies Hack: The Role & Risks of Encryption Backdoors

U.S. authorities are on high alert as they investigate an alleged Chinese state-sponsored hack targeting major U.S. telecommunications companies. This attack has reignited debate about encryption backdoors, an ongoing contention a...
Oct 16, 2024
  0

FASTCash Linux Malware: A New Cybercrime Menace Targeting Payment Switch Systems

As malware threats evolve to increasingly target Linux ...
Oct 16, 2024
  0
32.Lock Code Circular Esm H115

The Infiltration of Supply Chain Attacks in Open-Source Software Management

Open-source projects are renowned for their collaborati...
Oct 15, 2024
  0
30.Lock Globe Motherboard Esm H115

Discover Hacks/Cracks News

Report: Russian gang linked to big Citibank hack

Report: Russian gang linked to big Citibank hack

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

U.S. authorities are investigating the theft of an estimated tens of millions of dollars from Citibank by hackers partly using Russian software tailored for the attack, according to a news report. The security breach at the major U.S. bank was detected mid-year based on traffic from Internet addresses formerly used by the Russian Business Network gang, The Wall Street Journal said Tuesday, citing unnamed government sources.

RockYou hack compromises 32 million passwords

RockYou hack compromises 32 million passwords

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A hacker was able to break into the database of RockYou and obtain 32 million clear-text passwords through an SQL vulnerability. Researchers at database security firm Imperva discovered the flaw in RockYou.com, which provides applications and services for social networking sites like Facebook and MySpace.

The Years Most-Hacked Software

The Year's Most-Hacked Software

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

At the beginning of this decade, Microsoft represented a cybercriminal's dream target: universally-used software, brimming with bugs ready to be exploited to hijack users' PCs. But as the software giant has slowly cleaned up its security flaws, hackers are looking toward another vendor whose products are nearly as ubiquitous and whose bounty of vulnerabilities are just being discovered: Adobe.

Security hole in Thunderbird 2.x

Security hole in Thunderbird 2.x

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Already closed in Opera, Firefox and Chrome, the format string vulnerability caused by a flawed implementation of the dtoa C function for converting floating point numbers into strings (double to ascii) is creating further ripples. Maksymilian Arciemowicz, who discovered the problem, has released several advisories stating that the Thunderbird 2.x email client, as well as the Sunbird 0.9 calendar application and the Flock and Camino browsers, are or were also affected.

Hacker Exposes Unfixed Security Flaws In Pentagon Website

Hacker Exposes Unfixed Security Flaws In Pentagon Website

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A Romanian hacker has posted a proof-of-concept attack exploiting vulnerabilities on the Pentagon's public Website that were first exposed several months ago and remain unfixed. The hacker, who goes by Ne0h, demonstrated input validation errors in the site's Web application that allow an attacker to wage a cross-site scripting (XSS) attack.

NASA sites hacked via SQL injection

NASA sites hacked via SQL injection

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Two NASA sites recently were hacked by an individual wanting to demonstrate that the sites are susceptible to SQL injection. The websites for NASA's Instrument Systems and Technology Division and Software Engineering Division were accessed by a researcher, who posted to his blog screen shots taken during the hack.

Attackers try to swindle FTP credentials

Attackers try to swindle FTP credentials

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A new phishing campaign is designed to steal FTP credentials from website owners so the fraudsters can set up fake bank websites, a security firm warned Monday. The messages appear to come from web hosting providers, such as Yahoo, according to researchers at Trusteer.

Hacker scalps NASA-run websites

Hacker scalps NASA-run websites

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Miscreants took advantage of weak security to hack into two NASA-run websites over the weekend. The websites of NASA's Instrument Systems and Technology unit and Software Engineering division were broken into and screenshots illustrating the hack posted online.

Worm author given a job as an iPhone App Developer

Worm author given a job as an iPhone App Developer

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Mogeneration, an Australian software company, has hired the author of the first iPhone worm, Ashley Towns, to develop applications for the iPhone App Store. At the beginning of November, 21 year old Towns circulated the "Ikee" worm via Australian operator Optus's UMTS network. The worm penetrates vulnerable jailbroken iPhones and spreads using open SSH connections.

Hackers bypass Windows 7 activation

Hackers bypass Windows 7 activation

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Hackers have managed to find a way around one of the key antipiracy protections built into Windows 7. Ordinarily, the operating system requires users to activate their copy of Windows 7 within 30 days. However, a recently outlined method allows the normal notifications to be turned off.

Hacking Privileged Database User Access

Hacking Privileged Database User Access

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The prospect of restricting access to your database is tricky when it comes to privileged users, such as database administrators who need to keep the databases running, developers who need to tap into databases to get them to work, or super users who just need an inordinate amount of access to get their jobs done.

New Flash Attack Has No Real Fix

New Flash Attack Has No Real 'Fix'

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Researchers show how Adobe Flash can be exploited in browsers when victim visits sites that accept user-generated content. Researchers have discovered a new attack that exploits the way browsers operate with Adobe Flash -- and there's no simple patch for it.

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved