MongoDB And ransomware attacks

Learning that tens of thousands of MongoDB database have been compromised and held hostage by ransomware is both startling and worrisome. Groups of attackers have adopted a new tactic that involves deleting publicly exposed MongoDB databases and asking for money to restore them.The number of affected databases has risen from hundreds to more than 10,000. […]

Your Smart TV Can Be Hacked

According to Shodan, the search engine for internet-connected devices, there are at least 18160 Samsung smart TVs connected to the internet.   let’s starts with an exemple .I use shodan to found a NEC LCD Monitor the next step is to connect to one of adresses IP and we can see no authentication   we […]

The “CVE 2014-0160:heartbleed” vulnerability three year later

Description The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual […]

“Ticketbleed” Flaw Exposes F5 Appliances to Remote Attacks (CVE-2016-9244)

Description A vulnerability, colloquially referred to as Ticketbleed vulnerability has been discovered in the TLS/SSL stack used by F5 Networks Inc. in their BIG-IP products. This vulnerability affects BIG-IP SSL virtual servers with the non-default session tickets option enabled. Very similar to the well-known Heartbleed vulnerability, Ticketbleed allows a remote attacker to extract up to […]