Vulnerability in the Microsoft Exchange NTLM authentication protocol
Microsoft Exchange supports a API called Exchange Web Services (EWS). One of the EWS API functions is called PushSubscriptionRequest, which can be used to cause the Exchange serve…
Quiz on spotting the phishing
Google’s technology incubator Jigsaw has revealed a quiz that tests users’ abilities to identify phishing attacks. The quiz is created based on the security trainings they held wi…
Vulnerability in APT package manager
Vulnerability was discovered in apt that allows a network man-in-the-middle (or a malicious package mirror) to execute arbitrary code as root on a machine installing any package. …
Unpatched critical vulnerability in Cisco Small Business switches
A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. Th…
Over 87GB of email addresses and passwords exposed on the internet
Almost 773 million unique email addresses and just under 22 million unique passwords were found. The data, dubbed Collection #1, is a set of email addresses and passwords totallin…