Hacking

For at past nine years, Mozilla has been using an insufficiently strong encryption mechanism for the « master password » feature. Both Firefox and Thunderbird allow users to set up a « master password » through their settings panel. This master password plays the role of an encryption key that is used to encrypt […]

Cisco Meraki, a provider of cloud-managed IT solutions, announced last week the launch of a public bug bounty program with rewards of up to $10,000 per vulnerability. Cisco Meraki, which resulted from Cisco’s acquisition of Meraki in late 2012, started with a private bug bounty program on the Bugcrowd platform. […]

A new ransomware was discovered this week by MalwareHunterTeam called Zenis Ransomware. While it is currently unknown how Zenis is being distributed, multiple victims have already become infected with this ransomware. What is most disturbing about Zenis is that it not encrypts your files, but also purposely deletes your backups. When MalwareHunterTeam found the first […]

VMware a publié des mises à jour de sécurité pour résoudre les vulnérabilités dans VMware Workstation et Fusion. Un attaquant distant pourrait exploiter ces vulnérabilités pour provoquer  un déni de service. RISQUE(S) Déni de service SYSTÈMES AFFECTÉS Workstation versions 14.x antérieures à 14.1.1 Workstation versions 12.x Fusion versions 10.x sur OS […]

Check Point Mobile Security Team discovered a massive, on-going malware campaign that so far has claimed 5 million victims. Reportedly, the malware dubbed as RottenSys has managed to create a massive army of botnets comprising of 5 million mobile devices from across the globe. The malware is hidden in a […]

Safari, Edge, and Firefox were the favorite targets that fell to white hat hackers at the world’s most well-known competitive hacking competition —Pwn2Own 2018— held over the past two days in Vancouver, Canada. Hackers took home $267,000 of the total $2 million prize pool, which is way less than the […]

News of the day is that the Mossack Fonseca law firm would shut down operations due to the reputational damage caused by the Panama Papers security breach. The Panama Papers is a huge trove of strictly confidential documents from the Panamanian law firm Mossack Fonseca that was leaked online on April 3, 2016. […]

A new type of attack has been discovered targeting PostgreSQL databases, in which malware authors are using an image of Hollywood actress Scarlett Johansson to hide a cryptocurrency miner they intend to run on the DB’s underlying server. The attack has been observed in a honeypot server ran by Imperva researchers. Experts […]