Archive | Exploits/Vulnerabilities


20 August 2014 | 1,460 views

Heartbleed Implicated In US Hospital Leak

If you’ve been up on your news consumption in the past week or so, you’ll have read about the Chinese hackers who managed to access 4.5 million patient records in a huge US Hospital Leak. Community Health Systems hacked, records of nearly 4.5 million patients stolen Now it turns out, the first entry for this […]

Continue Reading


11 August 2014 | 3,021 views

XML Quadratic Blowup Attack Blows Up WordPress & Drupal

This was a pretty interesting piece of news for me last week as I was actually affected by it (I think?). It’s an XML Quadratic Blowup Attack that affects both WordPress and Drupal and is quite serious as rather than just crashing the software, it can take down the whole server. It didn’t completely take […]

Continue Reading


14 July 2014 | 4,710 views

Password Manager Security – LastPass, RoboForm Etc Are Not That Safe

We’ve talked a lot about using a password manager to secure, generate and manage your passwords – way back since 2008 when we introduced you to the Password Hasher Firefox Extension. Since then we’ve also mentioned it multiple times in articles where plain text passwords were leaked during hacks, such as the Cupid Media hack […]

Continue Reading


07 July 2014 | 2,900 views

Hacking Your Fridge – Internet of Things Security

So one of the latest fads is IoT or the Internet of things phenomena which has been talked about for a while (especially since the discussion of IPv6 started), IoT is connecting physical items to the Internet and giving them some kind of IP (be in NAT or a proper IPv6 address). This enabled you […]

Continue Reading


06 June 2014 | 1,143 views

Important OpenSSL Patch – 6 More Vulnerabilities

So after the Heartbleed vulnerability in OpenSSL that turned the World upside down, there has a been a lot of focus on the codebase and the manner in which it was written. They’ve raised a bunch of money, an audit is underway and there has even been a fairly serious branch named LibreSSL (who are […]

Continue Reading


02 June 2014 | 971 views

Spotify Hacked – Rolls Out New Android App

So it looks like Spotify was hacked, or at least suffered some kind of breach – they claim user data for only one user was accessed and no payment details or password information was leaked. So it doesn’t seem to serious, but Spotify are reacting responsibly (which is good to see), disclosing the breach and […]

Continue Reading


22 May 2014 | 1,272 views

eBay Hacked – 128 Million Users To Reset Passwords

The big news this week is that the massive online auction site eBay has been hacked, the compromise appears to have taken place a few months around February/March but has only come to light recently when employee login credentials were used. This is 3 times bigger than the massive 42 Million passwords leaked by Cupid […]

Continue Reading


14 May 2014 | 1,721 views

Navy Sys Admin Hacks Into Databases From Aircraft Carrier

So this story caught my eye and I found it pretty interesting as it reads like something out of a Tom Clancy novel crossed with a bunch of script kiddies, a Navy Sys Admin has been charged with conspiracy to hack – the interesting part was that he hacked the Navy (whilst working there..) and […]

Continue Reading


01 May 2014 | 772 views

Microsoft Confirms Internet Explorer 0-Day

So during the past weekend, Microsoft confirmed an Internet Explorer 0-day that is actually being used in targeted online attacks. Vulnerability in Internet Explorer Could Allow Remote Code Execution It will be interesting to see if they push an out of band patch for this one or just wait for the next Patch Tuesday. It’s […]

Continue Reading


24 April 2014 | 1,608 views

Viber Vulnerable To Man In The Middle Attack (MITM)

So this week, researchers at the University of New Haven have been focusing on Viber and have found that pretty much everything transferred and stored on the Viber service, except the messages themselves is not encrypted either in transit or at rest (doodles, images, location data & videos). The implication of this is that the […]

Continue Reading