Category: Security News

InfoSec Glossary

This page lists computer and security-related glossary terms and definitions. You can start typing in the List of Terms box to filter matching terms, then mouse over a term to view the definition or suggest an edit. https://isc.sans.edu/glossary.html

Permanent link to this article: https://www.darknessgate.com/2015/06/01/infosec-glossary/

XSS flaw exposed in IBM Domino enterprise platform

A cross-site scripting vulnerability in IBM Domino which has existed for years has been publicly revealed. Revealed last week by a security researcher from Ukraine-based MustLive, the security flaw could cause information leaks on the IBM Domino platform. IBM Domino, formerly IBM Lotus Domino, is a platform used in hosting social business applications. The scalable …

Permanent link to this article: https://www.darknessgate.com/2015/06/01/xss-flaw-exposed-in-ibm-domino-enterprise-platform/

Inside a Giant Dark-Web Scheme to Sell Counterfeit Coupons

The dark web has become notorious for the sale of drugs, stolen financial data, and even guns, but in their latest crackdown, the feds are dragging another unlikely cash cow of the contraband underground into the spotlight: counterfeit coupons. For one fraudster, those fakes were good for tens of millions of dollars worth of every …

Permanent link to this article: https://www.darknessgate.com/2015/05/30/inside-a-giant-dark-web-scheme-to-sell-counterfeit-coupons/

The NSA reportedly tried — but failed — to use a Stuxnet variant against North Korea

Permanent link to this article: https://www.darknessgate.com/2015/05/30/the-nsa-reportedly-tried-but-failed-to-use-a-stuxnet-variant-against-north-korea/

The Problem with Secret Questions!

Permanent link to this article: https://www.darknessgate.com/2015/05/26/the-problem-with-secret-questions/

Synology patches serious flaws in its network-attached storage devices

Network-attached storage (NAS) manufacturer Synology fixed several vulnerabilities in its devices’ software, one of which could allow attackers to compromise the data stored on them. The most serious vulnerability is located in the Synology Photo Station, a feature of DiskStation Manager (DSM), the Linux-based operating system that runs on the company’s NAS devices. Synology Photo …

Permanent link to this article: https://www.darknessgate.com/2015/05/26/synology-patches-serious-flaws-in-its-network-attached-storage-devices/

IRS hit by data breach, tax info on 100,000 stolen

Hackers have pilfered information on more than 100,000 US taxpayers, the federal tax agency said Tuesday. The information includes data on tax returns and other unspecified personal information held by the Internal Revenue Service (IRS), the AP reported. Thieves used the IRS’ “get transcript” system to acquire the data from February through to mid-May, the …

Permanent link to this article: https://www.darknessgate.com/2015/05/26/irs-hit-by-data-breach-tax-info-on-100000-stolen/

A Beginner’s Guide to Digital Forensics – Infographic

Source: http://www.usainvestigators.com/a-beginners-guide-to-digital-forensics-infographic/

Permanent link to this article: https://www.darknessgate.com/2015/05/20/a-beginners-guide-to-digital-forensics-infographic/

Fingerprinting: Identifying Applications

When performing a web application security assessment, an important step is fingerprinting, which allows for further exploitation by an attacker. As security researchers or pentesters, we should therefore be good at fingerprinting the web server, which yields a lot of information such as application name, software version, web server info, OS, and more. This helps for known vulnerabilities, …

Permanent link to this article: https://www.darknessgate.com/2015/05/13/fingerprinting-identifying-applications/

VENOM vulnerability could expose virtual machines on unpatched host systems

A new vulnerability known as VENOM has been discovered, which could allow an attacker to escape a guest virtual machine (VM) and access the host system along with other VMs running on this system. The VENOM bug could potentially allow an attacker to steal sensitive data on any of the virtual machines on this system …

Permanent link to this article: https://www.darknessgate.com/2015/05/13/venom-vulnerability-could-expose-virtual-machines-on-unpatched-host-systems/

Implement a Proactive Strategy for Data Security

Hardly a week goes by without headlines about a breach of customer data. Less frequent, but just as alarming, are the publicly reported examples and allegations of intellectual property theft. Data security and privacy — and, by extension, brand reputation — are front and center today and will quickly become a business differentiator for tomorrow. …

Permanent link to this article: https://www.darknessgate.com/2015/05/13/implement-a-proactive-strategy-for-data-security/