Tag Archives: SHA-1

10Fold- Security Never Sleeps- 144

Locked and Loaded: Huge Botnet Updated for DDoS

“Botnets equipped with new, far-reaching features”

BitSight Technologies, a division of Anubis Networks, has announced that one of the largest botnet systems has been armed with several new weapons that would allegedly dwarf any DDoS attack the public has witnessed so far.

Russian cybersecurity expert charged with treason

“Allegedly shared ‘secrets’ with U.S. firms”

Apparently Ruslan Stoyanov, a cybercrime investigator with Kaspersky Labs who was charged for treason by the Russian government, was arrested for passing secrets of state to several United States firms, including Verisign.

Remember when Ruslan Stoyanov, a top cybercrime investigator for Kaspersky Lab, was arrested and charged with treason? It is now being reported that the treason charges were for allegedly passing state secrets to Verisign and other US companies.

A Super-Common Crypto Tool Turns Out to Be Super-Insecure

“SHA-1 concerns no longer theoretical”

SHA-1 vulnerabilities that until recently seemed unlikely to be exploited are now demonstrably exposed to cybercriminals. A team of researchers from CWI Amsterdam and Google have both been successful in developing programs that are able to easily pull assets and other data from SHA-1 files.

More on Bluetooth Ingenico Overlay Skimmers

“Card and PIN skimmer stories increasing in frequency”

Ingenico-brand card readers at check-out lanes and other self serve pay stations are receiving massive amounts of ‘overlay’ incidences. This article shares several photos detailing the devices from compromised terminals and provide more insight into how the system is so successful.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 143

Google Just Discovered A Massive Web Leak… And You Might Want To Change All Your Passwords

“Perhaps most dangerous leak of the year so far”

A leak that may end up exposing the user passwords of many popular platforms and applications has been uncovered by a Google researcher recently. Major services indicated to be vulnerable may include Uber, FitBit, and OKCupid.

Beware Google Chrome scam that could inject malware into your computer

“Cybersecurity experts still concerned over continued threat”

A Google Chrome malware program still poses a threat to users after several months of circulation. Proofpoint has officially warned hackers that the program can inject script into inefficiently protected pages, targeting Chrome browsers specifically. It will then rewrite the compromised website to the affected users browser, making the page unreadable and provides a fake issue for the user to resolve,

Stop using SHA1: It’s now completely unsafe

“First real-world collision against SHA-1 hash”

Security researchers have now witnessed the first collision against the SHA-1 hash function, resulting in the duplication of a PDF file with the same signature. The algorithm’s security-sensitive functions are now entirely vulnerable, and should not be used for any secure files.

Enjoy your read? Check out our other content here.