Hacker defaces Donald Trump fundraising site via subdomain takeover attack
A hacker defaced a presidential campaign fundraising website for Donald Trump with a little help from a DNS misconfiguration issue.
David Bisson reports.
A hacker defaced a presidential campaign fundraising website for Donald Trump with a little help from a DNS misconfiguration issue.
David Bisson reports.
Millions of websites used in e-commerce and other sensitive industries are vulnerable to remote take-over hacks made possible by a critical vulnerability that has affected the Joomla content management system for almost two years.
The SQL-injection vulnerability was patched by Joomla on Thursday with the release of version 3.4.5. The vulnerability, which allows attackers to execute malicious code on servers running Joomla, was first introduced in version 3.2 released in early November 2013. Joomla is used by an estimated 2.8 million websites.
“Because the vulnerability is found in a core module that doesn’t require any extensions, all websites that use Joomla versions 3.2 and above are vulnerable,” Asaf Orpani, a researcher inside Trustwave’s Spiderlabs, wrote in a blog post. The vulnerability, and two closely related security flaws, have been cataloged as CVE-2015-7297, CVE-2015-7857, and CVE-2015-7858.
Truesec did release a short YouTube video on Oct. 14 showing Rootpipe gain root access without an administrator password on a Mac running Yosemite. OSX 10.10 hack – privilege escalation through rootpipe The flaw also affects OS X 10.9 Mavericks and 10.8 …
mac hacker – read more
Apple Insider |
Security flaw opens all modern Android devices to "zombie botnet" takeover
Apple Insider A newly discovered flaw in Google's Android security model enables rogue apps to gain full access to the Android system and all installed apps, read all data on the device, harvest passwords and create a botnet of "always-on, always-connected and … Android 'Master Key' Security Flaw Affects 900M Devices Another Android security flaw, but this one only affects 99% of devices Android Security Flaw Allows Malicious Code To Go Unseen |