#GhostSec Weekly Security Alerts
This week’s US-CERT Cyber Security high vulnerability alerts include the usual Adobe Flash Player issues, Apache, Avast, Drupal, Huawei and Microsoft products, to name a few. Click here for more details and for information on medium and low risk vulnerabilities.
Krebs on Security Latest Warning: US-CERT to Windows Users: Dump Apple Quicktime
Security News
Anonymous launches OnionIRC — a school for hacktivists on the dark web
Members of the hacker collective Anonymous have just launched a hidden service on the dark web for sharing technical skills in hacking and the use of anonymity software.
Called OnionIRC, the service is an internet relay chat forum, allowing users to remain anonymous through encrypted communications over the Tor network….read more
Penetration testing report is the key deliverable in any security assessment activity. In Penetration testing, the final deliverable is the report which shows the service provided, the methodology used, findings/results and the recommendation. Many penetration testers find the report making as a boring process because it takes a lot of time and effort. In this article, we will discuss the tools available in Kali Linux to simplify the task of report making. These tools are useful for storing your result for quick reference while making the report, sharing your data with your team, etc. We will learn how to use the tools to upload the result from some of the well-known scanners like nmap, Burp, Nikto, OWASP Zap, etc…..read more
The Facebook hacker who caught a Facebook hacker…
Here’s a fascinating story about a hacker who caught a hacker.
(We’re using the word hacker in a legally non-committal sense here: someone with technical skills who finds ways to do things with a computer system that weren’t supposed to happen.)
We don’t know who the first hacker is, but the second, who caught out the first, goes by Orange Tsai, and works as a penetration tester at Devcore, a boutique security consultancy in Taipei….read more
Core Windows Utility Can Be Used to Bypass AppLocker
A researcher has discovered that Windows’ Regsvr32 can be used to download and run JavaScript and VBScript remotely from the Internet, bypassing AppLocker’s whitelisting protections….read more
Apple Transparency Report Shows Spike in Requests for Data
Apple’s latest transparency report puts some hard numbers on the number of law enforcement and government requests it receives for device and user data…read more
Be Prepared: How Proactivity Improves Cybersecurity Defense
These five strategies will help you achieve a state of readiness in a landscape of unpredictable risk….read more
5 Features to Look For In A Next-Generation Firewall
When it comes to NGFWs, it’s the integration that counts…read more
A top ten chronicle of more than a decade of notable ransomware variants and trends….read more
Latest Articles by GhostSec’s @__Sneaker in Security Affairs:
According to a research conducted by IBM the healthcare industry was a privileged target of cybercriminals last year…read more
Google is a ‘Partially Dangerous’ Website … According to Google
According to Google, Google is a ‘partially dangerous’ website because some pages on google.com contain deceptive content. According…read more…read more
The CIA’s Massive Expansion in Social Media Surveillance is Just the Tip of the Iceberg
The US intelligence is massively expanding in Social Media surveillance pushing new technologies, including artificial intelligence…read more
Black Hat | USA is coming up:
July 30 — August 4, 2016 | Mandalay Bay | Las Vegas, NV
Trainings: July 30 — August 2
- Registration is Now Open | more info
- 2016 Trainings Are Live | more info
