Articles for January 2018

LeakedSource Founder Arrested for Selling 3 Billion Stolen Credentials

Published on

Silly criminals…

Canadian authorities have arrested and charged an Ontario man for operating a website that collected ‘stolen’ personal identity records and credentials from some three billion online accounts and sold them for profit.

According to the Royal Canadian Mounted Police (RCMP), the 27-year-old Jordan Evan Bloom of Thornhill is the person behind the notorious LeakedSource.com—a major repository that compiled public data breaches and sold access to the data, including plaintext passwords.

Read more here.

Loading

Wi-Fi Alliance launches WPA3 protocol with new security features

Published on

The Wi-Fi Alliance has finally announced the long-awaited next generation of the wireless security protocol—Wi-Fi Protected Access (WPA3).

WPA3 will replace the existing WPA2—the network security protocol that has been around for at least 15 years and widely used by billions of wireless devices every day, including smartphones, laptops and Internet of things.

However, WPA2 has long been considered to be insecure due to its common security issue, that is “unencrypted” open Wi-Fi networks, which allows anyone on the same WiFi network to intercept connections on other devices.

Read more here.

Loading

Critical Flaw Reported In phpMyAdmin Lets Attackers Damage Databases

Published on

A critical security vulnerability has been reported in phpMyAdmin—one of the most popular applications for managing the MySQL database—which could allow remote attackers to perform dangerous database operations just by tricking administrators into clicking a link.

Discovered by an Indian security researcher, Ashutosh Barot, the vulnerability is a cross-site request forgery (CSRF) attack and affects phpMyAdmin versions 4.7.x (prior to 4.7.7).

Cross-site request forgery vulnerability, also known as XSRF, is an attack wherein an attacker tricks an authenticated user into executing an unwanted action.

Read more here.

Loading