Here's an overview of some of last week's most interesting news, reviews and articles: Info of 50M LivingSocial customers compromised following breach LivingSocial, the company behind the eponymous deal-of-the-day website, has confirmed that its computer systems have been breached by ...
Bitcoin is a digital currency whose creation and transfer are based on an open source cryptographic protocol. There are many benefits to using it (no transaction fees, anonymous payments, etc.), but there are also risks involved. The first Bitcoins were created in 2009, and their initi...
Mt.Gox, the world's largest bitcoin exchange, was downed earlier today by what appears to be a "strong DDoS attack". "We are working hard to overcome it and will update when possible. It's currently 2am in Japan so please forgive us if our Facebook/Twitter updates are not as quic...
BitInstant, one of the online Bitcoin exchange services, was down and inaccessible from Thursday evening to Monday due to a "sophisticated attack," which resulted in a loss of $12,480 in Bitcoins, but luckily no user data compromise. "We've long been targeted by someone using soc...
Cisco shows the global picture of information security Posted on 31 January 2013. | Cisco released findings from two global studies that provide a vivid picture of the rising security challenges that businesses, IT departments and individuals face. 1 Aerospace and defense firms target...
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code...
For the second week in a row since the start of the new year, users of open source web application framework Ruby on Rails are advised to upgrade to the newly offered versions immediately due to serious vulnerabilities present in previous ones. Last week it was an SQL injection vulner...
Three new versions of the popular open source web application framework Ruby on Rails were released on Wednesday in order to fix an SQL injection vulnerability that affected all the previous versions of Rails. "Due to the way dynamic finders in Active Record extract options from meth...
Malware almost always comes in disguise, but some malware peddlers try to do a better job than others. Trend Micro researchers have recently uncovered a piece of malware that tried to pass itself off as "Trend Micro AntiVirus Plus AntiSpyware" ...
Whonix is an anonymous general purpose operating system based on VirtualBox, Ubuntu GNU/Linux and Tor. By Whonix design, IP and DNS leaks are impossible. Not even malware with root rights can find out the user's real IP/location. Whonix consists of two machines, which are connected through ...
Prenus is a hacked together Ruby script that can consume Nessus 2 files - with the help of an updated ruby-nessus gem. Prenus allows the output of a few different formats, including: Static HTML files with jQuery Datatables and Highcharts graphs; XLS file (Actually a HTML Table with an .xls ex...