Isis hackers release new 'random' kill list with 4000 names from database previously available online
An Islamic State (Isis)-affiliated hacker group called the Caliphate Cyber Army (CCA)has released a new "kill list" on social media, with names, addresses and emails of over 4,000 people from across the globe. While almost half of the names in the list are of Americans, residents of the UK, France, Canada and India have also reportedly made it to the list.
An unpatched remote code execution hole has been publicly disclosed in the popular Swagger API framework, putting users at risk.
The client and server hole (CVE-2016-5641) exists in code generators within the REST programming tool, also know as the OpenAPI Specification.
A module for the popular Metasploit hacking suite has been crafted making exploitation of the flaw easier. Application security researcher Scott Davis says an injectable parameters in Swagger JSON or YAML files allow remote code execution across NodeJS, PHP, Ruby, and Java.
LTE is a more advanced mobile network but not absolutely secure.
In this presentation, we will introduce a method which jointly exploits the vulnerabilities in tracking area update procedure, attach procedure, and RRC redirection procedure in LTE networks resulting in the ability to force a targeted LTE cellphone to downgrade into a malicious GSM network where an attacker can subsequently eavesdrop its voice calls and GPRS data.
In early May, Igor Kabina, a researcher with security firm ESET, noticed that the group behind the third most prevalent ransomware operation, TeslaCrypt, had seemingly taken a breather.
Following the April release of version 4 of their data-encryption malware, the group's development efforts had slowed. Wondering if the group was closing up shop, Kabina pretended to be a victim and used their support service to ask if they would release their master key.
A mobile advertising company that tracked the locations of hundreds of millions of consumers without consent has agreed to pay $950,000 (£640,000) in civil penalties and implement a privacy program to settle charges that it violated federal law.