Randy Westergren¹ figured out a way to hijack a Verizon FiOS account (FiOS is a bundled Internet, telephone, and TV service) Randy was doing research into a vulnerability of compromised email accounts for the FiOS app, and found a problem with the reset my password method on the Verizon website. With a few computer … Read more
Everyone heralds new improvements ever since the Renaissance in the 15th century started an artistic and scientific improvement binge every year. We are moving to another new year since time does not stand still for us to digest the current technology. Johannes Gutenberg small bio at physic.org So in 1440 we were inadvertently thrust … Read more
Another day another Zero-Day Attack: From Sucuri Blog¹ which found a remote Code Execution attack on Joomla a CMS(Content Management System) software The hackers are interested in these all the time: Because a Zero-day attack means that an attack on susceptible software can be easily taken over. Zero day exploits are sought after in the darknet. … Read more
The recently added BugSec blog¹ on Security News Analyzed page at #30 is the source. Apparently there are several NGFW (Next generation FireWalls) systems that allow the initial handshake to occur no matter the destination, including to destinations we would want to deny. It is good to point out, that an actual connection is not … Read more
What is your weakest point in your security(People, Process & Technology)? Safe to say that people are the weakest link. And by that I mean social engineering your workforce to either click on something they should not, or do something like give out too much information (yes my boss is on vacation right now). Email … Read more