Exploit This

Security News, Exploits, and Vulnerabilities.

Crooks Use Hacked Routers to Aid Cyberheists

Cybercriminals have long relied on compromised Web sites to host malicious software for use in drive-by download attacks, but at least one crime gang is taking it a step further: New research shows that crooks spreading the Dyre malware for use in cyberheists are leveraging hacked wireless routers to deliver their password-stealing crimeware.

A Busy Week for Ne’er-Do-Well News

We often hear about the impact of cybercrime, but too seldom do we read about the successes that law enforcement officials have in apprehending those responsible and bringing them to justice. Last week was an especially busy time for cybercrime justice, with authorities across the globe bringing arrests, prosecutions and some cases stiff sentences in connection with a broad range of cyber crimes, including ATM and bank account cashouts, malware distribution and “swatting” attacks.

Hershey Park Investigates Card Fraud Pattern

Hershey Park, a popular resort and amusement park in Hershey, Pa. has hired a security firm to investigate reports from multiple financial institutions about a possible credit card breach, KrebsOnSecurity has learned.

Emergency Patch for Adobe Flash Zero-Day

Adobe Systems Inc. today released an emergency update to fix a dangerous security hole in its widely-installed Flash Player browser plugin. The company warned that the vulnerability is already being exploited in targeted attacks, and urged users to update the program as quickly as possible.

A Month Without Adobe Flash Player

I’ve spent the better part of the last month running a little experiment to see how much I would miss Adobe’s buggy and insecure Flash Player software if I removed it from my systems altogether. Turns out, not so much.

“Free” Proxies Aren’t Necessarily Free

Netflix, Hulu and a host of other content streaming services block non-U.S. users from viewing their content. As a result, many people residing in or traveling outside of the United States seek to circumvent such restrictions by using services that advertise “free” and “open” Web proxies capable of routing browser traffic through U.S.-based computers and networks. Perhaps unsurprisingly, new research suggests that most of these “free” offerings are anything but, and actively seek to weaken browser security and privacy.

Games are over: Winnti is now targeting pharmaceutical companies

Winnti malware has been spotted being used against pharmaceutical industry.

How to backup WordPress on a AWS Linux Instance to Dropbox

Backups are very important, and can also be very expensive. I started using this method to backup up some of my other websites, and thought I would share it. I use a different method to backup this blog, but this method would certainly work. If you have read any of my other guides you will know that […]

How to Set-Up Splunk on a free Micro AWS instance

How to install Splunk on a free AWS micro instance This guide assumes you already have the Micro EC2 Instance up and running and you have ssh access. Download Splunk. wget -O splunk-6.2.3-264376-linux-2.6-x86_64.rpm ‘http://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=Linux&version=6.2.3&product=splunk&filename=splunk-6.2.3-264376-linux-2.6-x86_64.rpm&wget=true’ Install Splunk rpm -ivh splunk-6.2.3-264376-linux-2.6-x86_64.rpm Splunk is now installed, lets start it. cd /opt/splunk/bin/ ./splunk start You will be prompted to agree to […]

OPM’s Database for Sale? Nope, It Came from Another US .Gov

A database supposedly from a sample of information stolen in the much publicized hack at the Office of Personnel Management (OPM) has been making the rounds in the cybercrime underground, with some ne’er-do-wells even offering to sell it as part of a larger package. But a review of the information made available as a teaser indicates that the database is instead a list of users stolen from a different government agency — Unicor.gov, also known as Federal Prison Industries.

%d bloggers like this: