How To Patch Linux Servers Against the Glibc GHOST Vulnerability # CVE-2015-0235

What is the vulnerability? During a code audit Qualys researchers discovered a heap-based buffer overflow in Glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() Glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of… Continue reading How To Patch Linux Servers Against the Glibc GHOST Vulnerability # CVE-2015-0235

Device to log keystrocks from Microsoft wireless keyboard

Device called KeySweeper, which is developed using Arduino board and camouflaged as a functioning USB wall charger, can wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity. As per its developer SamyKamkar : All keystrokes are logged online and locally. SMS alerts are sent upon trigger words, usernames… Continue reading Device to log keystrocks from Microsoft wireless keyboard

Anonymous VS CyberCaliphate

Anonymous, the hacktivist group who declared cyber war against Charlie Hebdo attackers and ISIS, today extended their declaration of war to include CyberCaliphate splinter group who attacked U.S. Central Command’s social networking sites. In a statement released at Pastebin website, they wrote : Citizens of the World, We are Anonymous. In light of the recent cyber attacks led by… Continue reading Anonymous VS CyberCaliphate

U.S. Central Command’s Twitter and YouTube sites compromised

Hacker group who call themselves as CyberCaliphate hacked U.S. Central Command's social networking accounts and claims to have released internal military files. On Monday, as President Obama was giving a speech on cybersecurity at the Federal Trade Commission in Washington D.C., the attackers took control of the @CENTCOM account. In the pastebin post released, hackers wrote : Pentagon… Continue reading U.S. Central Command’s Twitter and YouTube sites compromised

Lizard Stresser service is powered by hacked home routers

Latest investigation by Brian krebs reveals that Lizard Stresser [ lizardstresser[dot]su ], a DDOS service launched late last year by a group called Lizard Squad is powered by hacked home routers. Lizard Stresser allows anybody to purchase a DDOS attack for a time period and the amount of time varies between the plan they are subscribing to.… Continue reading Lizard Stresser service is powered by hacked home routers

Charlie Hebdo attack: Anonymous vows cyber-war on terrorists

Anonymous, the online hacktivist group today announced that they will initiate the cyber-war rendering websites and online accounts of attacker group behind Charlie Hebdo Paris incident inaccessible. Anonymous has published a video through their Belgique Youtube channel as well as a statement in french posted at pastebin. The message calls all cyber citizens to join their campaign against… Continue reading Charlie Hebdo attack: Anonymous vows cyber-war on terrorists