Multi-Purpose Proxy Botnet Ensnares 65,000 Routers

Posted by & filed under Security News.

More than 65,000 routers exposed to the Internet via the Universal Plug and Play (UPnP) protocol are being abused by cybercriminals as part of a large, multi-purpose proxy botnet, Akamai has discovered. The vulnerable devices were found to have NAT injections that allow malicious actors to abuse them for various purposes, such as bypassing censorship,… Read more »

Path-Based Cross-Site Scripting (XSS) on Cacti before 1.1.37

Posted by & filed under Security News.

CVE: CVE-2018-10059 CVE URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10059 Affected Versions: 1.1.28 Affected OS:  Windows 2012 with IIS Vulnerability Type: XSS Security Risk: high Vendor URL: https://github.com/Cacti/cacti/issues/1457 Threat XSS vulnerabilities occur when the Web application echoes user-supplied data in an HTML response sent to the Web browser. For example, a Web application might include the user’s name as part… Read more »

Top Methods that Attackers Steal Money from your Credit, Debit cards and Bank Accounts

Posted by & filed under Security News.

Phishing It is a social engineering attack which directs the users to the fake pages and get sensitive information such as usernames, passwords, and credit card details. Attackers using this method widely to get your Financial data’s such as net banking credentials, Credit, Debit card details. Keystroke Logging Attackers use to push malicious software via… Read more »

Vulnerability in Outlook let hackers to steal Password Hashes

Posted by & filed under Security News.

Most people rely on Outlook email address for work-related as well as personal tasks. Unfortunately, Outlook may not be as secure as we users would like to think. According to a report published by information security training experts at the Carnegie Mellon Software Engineering Institute, Outlook comes with a security bug that could trigger password hash leaks… Read more »