Security News

PwnBin: A script for scraping Pastebin for leaked API keys, SSH credentials (Help Net Security)
2015-11-20 09:00

Pastebins, apart from being a great help for programmers as they offer a place where one can store text online for a set period of time and share it with others, are also loved by hackers who often us...

Comcast resets passwords for 200,000 users after login credentials go on sale (Help Net Security)
2015-11-10 14:48

Over the weekend, someone has been peddling a batch of 590,000 email address/password combinations allegedly belonging to Comcast customers. The price set for the lot was 3.23 Bitcoin (around $1,000).

CCTV botnets proliferate due to unchanged default factory credentials (Help Net Security)
2015-10-23 12:01

Incapsula researchers have uncovered a botnet consisting of some 9,000 CCTV cameras located around the world, which was being used to target, among others, one of the company's clients with HTTP flood...

Attackers compromise Cisco Web VPNs to steal login credentials, backdoor target networks (Help Net Security)
2015-10-09 09:31

Another Cisco product is being targeted by attackers looking for a permanent way into the computer networks and systems of various organizations, Volexity researchers warn. "The Cisco Clientless SS...

Attackers take over org's OWA server, harvest domain credentials with malicious DLL (Help Net Security)
2015-10-06 11:38

Researchers from cyber attack detection and response outfit Cybereason have discovered a novel APT technique that was used by attackers to gain persistence in an (unnamed) organization' environment an...

Fake PayPal app is going after German users' banking credentials (Help Net Security)
2015-10-02 09:17

An email spam run impersonating PayPal is actively targeting German Android users and trying to trick them into downloading what is ostensibly the official PayPal app, but is actually a banking Trojan...

Dyreza Trojan Targeting IT Supply Chain Credentials (Threatpost)
2015-09-29 15:37

The Dyreza, or Dyre, Trojan has been spotted phishing credentials in attacks against the IT supply chain.

Schneider Patches Plaintext Credentials Bug in Building Automation System (Threatpost)
2015-09-16 20:15

Schneider Electric has published new firmware for its StruxureWare Building Expert building automation system that patches a remotely exploitable vulnerability.