Genel, Güvenlik, İşletim Sistemleri, MS Server 2012 R2

   Herkese Merhaba,     Bugün sizlere IIS 6.5 ve sonraki versiyonlarda tam olarak güvenlik açığı diyemeyeceğimiz ama aynı zamanda saldırıların yoğun olduğu ülkemizde bundan bir şey olmaz da diyemeyeceğimiz bir konuyu anlatacağım. Şimdi gelelim konumuza; bir saldırganın ilk bilmek ...

Read more

The Hacker News

  • GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat
    by [email protected] (Swati Khandelwal) on 28 Şubat 2020 at 18:37

    If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that's possible because all versions (9.x/8.x/7.x/6.x) of the Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity (CVSS 9.8) 'file read and inclusion bug' […]

  • Let's Encrypt Issued A Billion Free SSL Certificates in the Last 4 Years
    by [email protected] (Ravie Lakshmanan) on 28 Şubat 2020 at 12:26

    Let's Encrypt, a free, automated, and open certificate signing authority (CA) from the nonprofit Internet Security Research Group (ISRG), has said it's issued a billion certificates since its launch in 2015. The CA issued its first certificate in September 2015, before eventually reaching 100 million in June 2017. Since late last year, Let's Encrypt has issued at least 1.2 million […]

  • Why Businesses Should Consider Managed Cloud-Based WAF Protection
    by [email protected] (The Hacker News) on 28 Şubat 2020 at 10:24

    The City of Baltimore was under cyber-attack last year, with hackers demanding $76,000 in ransom. Though the city chose not to pay the ransom, the attack still cost them nearly $18 million in damages, and then the city signed up for a $20 million cyber insurance policy. It's very evident that cyber-attacks are not only costly in terms of time and money but also bring extensive legal liability […]

  • New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users
    by [email protected] (Ravie Lakshmanan) on 28 Şubat 2020 at 10:13

    A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf. The impersonation attack — named "IMPersonation Attacks in 4G NeTworks" (or IMP4GT) — exploits the mutual authentication […]

  • New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices
    by [email protected] (Unknown) on 26 Şubat 2020 at 18:15

    Cybersecurity researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress—apparently powering over a billion devices, including smartphones, tablets, laptops, routers, and IoT gadgets. Dubbed 'Kr00k' and tracked as CVE-2019-15126, the flaw could let nearby remote attackers intercept and decrypt som […]