xHamster adult site infects computers through malicious Sex Messenger ad

Security firm Malwarebytes is reporting that xHamster, one of the world’s most visited porn websites, has been hit by a sophisticated malware attack.

According to a blog post by researcher Jerome Segura, the malicious Angler exploit kit lies behind adverts for a dating application called “Sex Messenger”, and aside from xHamster has also affected other popular portal websites linking to adult content.

Before dropping its malware payload, the attack checks whether you are running Internet Explorer, and exploits the CVE-2013-7331 Microsoft.XMLDOM ActiveX control vulnerability in Microsoft Windows 8.1 and earlier. Continue reading →

Change this setting to stop Siri spilling your selfies!

Change this setting to stop Siri spilling your selfies!

Watch out, iDevice owners!

Siri has opened the pod bay door to let snoopers in.

Barely a week after the release of iOS 9, a hacker has found a way for snoops to access your contacts and photos and send messages without your passcode.

The bug affects iOS 9 and iOS 9.0.1 on iPhones, iPads and iPods.

The security flaw allows a malcontent with physical access to your iDevice to use Siri to bypass Apple’s Lock screen – even if you have set up Touch ID with your fingerprint. Continue reading →

Mitm Attack MITMf Framework for Man In The Middle

The best MITM tool on Kali Linux MITMF
Injecting payload into softwares via HTTP
Mitm Attack MITMf Framework for Man In The Middle

MITMf

Framework for Man-In-The-Middle attacks
Quick tutorials, examples and developer updates at: https://byt3bl33d3r.github.io
This tool is based on sergio-proxy and is an attempt to revive and update the project.

Features

The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, it also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass. Continue reading →

Researchers Find 4000 Malicious App Store Apps

Researchers Find 4000 Malicious App Store Apps

A malicious app campaign which infiltrated Apple’s App Store is far more extensive than at first thought, according to security researchers.

The original report from Palo Alto Networks five days ago claimed that 39 malicious apps had passed Apple’s strict vetting process to end up on its China App Store.

Even this small number was thought to potentially affect hundreds of millions of users as it included versions of popular software including messaging service WeChat.

However, FireEye said yesterday that the number of affected apps is actually closer to 4000. Continue reading →

How To Install LAMP & WordPress on Debian 8

How To Install Linux, Apache, MySQL, PHP (LAMP) Stack on Debian 8 & WordPress
The LAMP stack of software, consisting of the Linux operating system, Apache web server, MySQL database, and PHP scripting language, is a great foundation for web or application development. Installed together, this software stack enables your server to host dynamic websites and web applications.

In this tutorial, we’ll walk you through the installation of this software on a Debian 8 (Jessie)

Prerequisites:

Before we get started, please complete the following:
Create your Debian 8 VPS or Server
Complete the Initial Server Setup for Debian 8
Install basic security packages such as IPTables, Fail2Ban, etc..