Hacking 썸네일형 리스트형 [The Hacker News] New 'CacheOut' Attack Leaks Data from Intel CPUs, VMs and SGX Enclave Another month, another speculative execution vulnerability found in Intel processors. If your computer is running any modern Intel CPU built before October 2018, it's likely vulnerable to a newly discovered hardware issue that could allow attackers to leak sensitive data from the OS kernel, co-resident virtual machines, and even from Intel's secured SGX enclave. Dubbed CacheOut a.k.a. L1 Data Ev.. 더보기 A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments October 02, 2019 Swati Khandelwal Phishing is still one of the widely used strategies by cybercriminals and espionage groups to gain an initial foothold on the targeted systems. Though hacking someone with phishing attacks was easy a decade ago, the evolution of threat detection technologies and cyber awareness among people has slowed down the success of phishing and social engineering attacks o.. 더보기 Exclusive — Hacker Steals Over 218 Million Zynga 'Words with Friends' Gamers Data September 29, 2019Swati Khandelwal A Pakistani hacker who previously made headlines earlier this year for selling almost a billion user records stolen from nearly 45 popular online services has now claimed to have hacked the popular mobile social game company Zynga Inc. With a current market capitalization of over $5 billion, Zynga is one of the world's most successful social game developers w.. 더보기 홈플러스 4만 9,000명 고객 개인정보 유출... 사실확인 후 공지 안해 홈플러스 고객정보 유출 사실 아냐...타 사이트 ID·PW로 무단 로그인 타인이 쇼핑한 금액을 OK캐쉬백 포인트로 무단 적립 정황 확인 20일 사실확인 직후 KISA 신고·고객 안내 진행...은폐 사실 없어 [보안뉴스 원병철 기자] 국회 과학기술정보방송통신위원회 변재일 의원실이 26일 발표한 ‘홈플러스 고객정보 유출 및 사실확인 공지’ 문제에 대해 홈플러스 측은 “해킹이 아닌 크리덴셜 스터핑 공격”이며, 특히 “홈플러스 고객정보가 유출된 정황은 없다”고 해명에 나섰다. [이미지=홈플러스 홈페이지] 홈플러스는 26일 보도자료를 통해 변재일 의원실에서 배포한 고객정보 유출 보도자료와 관련, 해당 건은 홈플러스의 고객정보가 유출된 것이 아니며, 당사는 이를 은폐한 적이 없다고 밝혔다. 홈플러스에 따르면 이번 .. 더보기 Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions September 18, 2019Wang Wei A cybersecurity researcher recently published details and proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin—one of the most popular applications for managing the MySQL and MariaDB databases. phpMyAdmin is a free and open source administration tool for MySQL and MariaDB that's widely used to manage the database for websites created with WordPress,.. 더보기 US Sanctions 3 North Korean Hacking Groups Accused for Global Cyber Attacks September 14, 2019Swati Khandelwal The United States Treasury Department on Friday announced sanctions against three state-sponsored North Korean hacking groups for conducting several destructive cyberattacks on US critical infrastructure. Besides this, the hacking groups have also been accused of stealing possibly hundreds of millions of dollars from financial institutions around the world to.. 더보기 Multiple Code Execution Flaws Found In PHP Programming Language Multiple Code Execution Flaws Found In PHP Programming Language September 06, 2019Wang Wei Maintainers of the PHP programming language recently released the latest versions of PHP to patch multiple high-severity vulnerabilities in its core and bundled libraries, the most severe of which could allow remote attackers to execute arbitrary code and compromise targeted servers. Hypertext Preprocess.. 더보기 해킹기법 종류1 arp spoofing or icmp redirection sttack or rogue DHCP arp는 막을 방법이 없지만 패킷을 지속적으로 전송해야하는 방법을 이용함으로써 모니터링을 하게되면 발각된다. icmp redirection은 Routing Table을 건드려 매우 쉽게 경로를 바꿔 줄 수 있지만. XP 이상의 운영체제에서 보통 막힌다. 시스템 스캔 후 XP 노드를 확인하여 취약점으로 이용하여 접근할 수 있다. DHCP 서버는 위변조를 확인하기 매우 어렵다. IP address, Netmask, Gateway, DNS Server ip 등의 정보를 위조해 할당한다. 기존 Gateway의 DHCP 기능은 보통 다른 DHCP가 감지 될 경우 자동으로 종료되기도 한다. 농협사태 APT = Advan.. 더보기 이전 1 다음
