Silensec Newsletter

Top News

 Windows 10 updates to be automatic and mandatory for Home users

​Windows Update can't be readily disabled in Windows 10 Home, and the license terms that all users must agree to allow Microsoft to install updates automatically. The Insider Preview releases of Windows 10 didn't include any way to prevent Windows Update from downloading and installing updates, but it wasn't clear if this was just some quirk of the previews, or the long-term plan; Microsoft's previews often have special rules for things like providing automated feedback and hooking up online services, and so this could have been part of that. Read more...

 

 

 

Flash. Must. Die.

Adobe Flash—that insecure, ubiquitous resource hog everyone hates to need—is under siege, again, and hopefully for the last time. The latest calls for its retirement come from some of the Internet’s most powerful players, in the combined clattering of Facebook, Firefox, and a legion of unsatisfied users. Flash is a closed, proprietary system on a web that deserves open standards. It’s a popular punching bag for hackers, which puts users at risk over and over again. Read more...

 

 

 

Read more...
Top News

The Massive OPM Hack Actually Hit 21 Million People!

The massive hack that struck the US Office of Personnel Management affected some 21.5 million people, all of them people who had information stolen about them from a backgrounds investigation database used for evaluating people who sought classified clearances from the government. The stolen information includes about 1.1 million fingerprints as well as findings that investigators obtained from interviews conducted with neighbors, friends and family members for background checks. Read more... 







Pwned Hacking Team tells cops, govts to shut down software

Flayed surveillance outfit Hacking Team is telling customers to suspend running instances of its software after 400GB of its source code and internal data was stolen and posted online.
The company has now asked customers to temporarily suspend use of its software while it investigates if their spying operations have been exposed among the huge cache of released emails and source code.
Read more...

 

 

 

Read more...
Top News

Mastercard to verify purchases using SELFIES!

Mastercard will begin using selfies as a means to verify payments. Users will need to hold their mobile phones at eye-level and blink once when instructed for the check-me-out checkout process to complete, taking a photo, instead of punching in PINs, a move MasterCard chief productsecurity officer Ajay Bhalla says will be popular with youth.

That process is designed to thwart obvious attacks where attackers could use a still image of a victim to verify fraudulentpayments
  Read more...



 

 

PeopleSoft p0wnage possible with a day of GPU brute-forcing.

ERPScan researcher Alexey Tuyrin says hundreds of Oracle PeopleSoftusers, including banks, are running publicly-exposed services that are open to a token-plundering vulnerability. The penetration tester says a breach could be worse than that of the Office of Personnel Management which recently lost millions of records in a hack pinned on China.

Oracle's PeopleSoft Human Resource Management System is used by more than 7000 companies including half of the Fortune 100, of which about a third are higher education organisations mainly based in the US. He says some 231 of that total are vulnerable to the so-called TokenChpoken attack that allows tokens to be recreated allowing attacks to pop data stores and other connected systems. His company has also found cross-site scripting and authentication bypass vulnerabilities he says have been unresolved for years. Read more...

 

Read more...

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed