Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack – Tempemail

A new research has identified four new variants of HTTP request smuggling attacks that work against various commercial off-the-shelf web servers and HTTP proxy servers. Amit Klein, VP of Security Research at SafeBreach who presented the findings today at the Black Hat security conference, said that the attacks highlight how Continue Reading

How Incident Response Companies Choose IR Tools – Tempemail

Many companies today have developed a Cybersecurity Incident Response (IR) plan. It’s a sound security practice to prepare a comprehensive IR plan to help the organization react to a sudden security incident in an orderly, rational manner. Otherwise, the organization will develop a plan while frantically responding to the incident, Continue Reading

Apple Touch ID Flaw Could Have Let Attackers Hijack iCloud Accounts – Tempemail

Apple earlier this year fixed a security vulnerability in iOS and macOS that could have potentially allowed an attacker to gain unauthorized access to a user’s iCloud account. Uncovered in February by Thijs Alkemade, a security specialist at IT security firm Computest, the flaw resided in Apple’s implementation of TouchID Continue Reading

US Government Warns of a New Strain of Chinese ‘Taidoor’ Virus – Tempemail

Intelligence agencies in the US have released information about a new variant of 12-year-old computer virus used by China’s state-sponsored hackers targeting governments, corporations, and think tanks. Named “Taidoor,” the malware has done an ‘excellent’ job of compromising systems as early as 2008, with the actors deploying it on victim Continue Reading

17-Year-Old ‘Mastermind’, 2 Others Behind the Biggest Twitter Hack Arrested – Tempemail

A 17-year-old teen and two other 19 and 22-year-old individuals have reportedly been arrested for being the alleged mastermind behind the recent Twitter hack that simultaneously targeted several high-profile accounts within minutes as part of a massive bitcoin scam. According to the U.S. Department of Justice, Mason Sheppard, aka “Chaewon,” Continue Reading

17-Year-Old ‘Mastermind’, 2 Others Behind the Biggest Twitter Hack Arrested – Tempemail

Three young individuals — 17, 19, and 22-year-old — have reportedly been arrested for being the alleged mastermind behind the recent Twitter hack that simultaneously targeted several high-profile accounts as part of a massive bitcoin scam. According to the U.S. Department of Justice, Mason Sheppard, aka “Chaewon,” 19, from the Continue Reading

EU sanctions hackers from China, Russia, North Korea who’re wanted by the FBI – Tempemail

The Council of the European Union has imposed its first-ever sanctions against persons or entities involved in various cyber-attacks targeting European citizens, and its member states. The directive has been issued against six individuals and three entities responsible for or involved in various cyber-attacks, out of which some publicly known Continue Reading

New Attack Leverages HTTP/2 for Effective Remote Timing Side-Channel Leaks – Tempemail

Security researchers have outlined a new technique that renders a remote timing-based side-channel attack more effective regardless of the network congestion between the adversary and the target server. Remote timing attacks that work over a network connection are predominantly affected by variations in network transmission time (or jitter), which, in Continue Reading

Zoom Bug Allowed Snoopers Crack Private Meeting Passwords in Minutes – Tempemail

Popular video conferencing app Zoom recently fixed a new security flaw that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants. Zoom meetings are by default protected by a six-digit numeric password, but according to Tom Anthony, Continue Reading

Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems – Tempemail

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide—including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. Dubbed ‘BootHole‘ and tracked as CVE-2020-10713, the reported vulnerability resides in the GRUB2 bootloader, which, if Continue Reading