News der Woche - Übersicht
Brian Krebs identifiziert Anna-Senpai, den Mirai-Botnet-Autor
Jan 19
Kompendium über Datenbank-Ransomware
Jan 18
DDoS - Der neue Internet-Killer - Podcast mit All About Security
Nov 08
Someone Is Learning How to Take Down the Internet
Oct 25
Mirai - Senpain - Sourcecode für das aktuell gefährlichste IoT-Botnet veröffentlicht
Oct 12
Online-Test für die aktuelle OpenSSL-Lücke (CVE-2016-2107)
May 04
How I Hacked Facebook, and Found Someones Backdoor Script
May 03
Nginx 1.10 veröffentlicht: TCP/UDP-Loadbalancing, HTTPv2, dynamische Module
Apr 29
DET - Data Exfiltration Toolkit
Mar 30
ElasticZombie unter den Top 10 Alienvault- Blogs in 2015
Jan 07
using nginx + naxsi to fight against the latest Joomla-0-Day and PHP-Object-Injection generally
Dec 15
Angriffe auf die DNS-Rootserver
Dec 09
Debian verbannt ElasticSearch (DSA-3389-1 elasticsearch -- end-of-life)
Nov 23
Google stellt auf BoringSSL um
Oct 22
SYNful Knock - weltweite Scans
Sep 21
Lücke in OpenLDAP erlaubt Single-Packet-DoS
Sep 18
Bypass WAF Cookbook
Sep 03
HipChat for Jira Remote Code Execution
Sep 03
NGINX - Buch von O'Reilly als freie Version verfügbar
Jul 31
Nginx 1.9.3 mit neuen Stream-Features
Jul 14
RAILS IP Whitelist Bypass and Remote Code Execution (CVE-2015-3224)
Jun 18
New LibreSSL mailing lists
Jun 04
SSLLabs stuft Server mit schwachen DH-Parametern herunter
May 21
A Javascript-based DDoS Attack as seen by Safe Browsing (GitHubs GreatDDoS)
Apr 25
SSLLabs veröffentlicht CLI-Client für die SSLLabs-API
Mar 17
Farewell, Google-Code, and thanx for all the fish
Mar 12
Is Google about to tell the world that your site is too slow? (via nccgroup)
Mar 12
Rowhammer - FAQ für Serverbetreiber
Mar 10
protect from ElasticSearch RCE (CVE-2015-1427) / JetLeak with Naxsi
Mar 10
OpenSSL Cookbook 2nd Edition jetzt verfügbar
Mar 04
FREAKShow - Lücke in TLS ermöglich MITM durch Cipher-Downgrades
Mar 03
JetLeak - Jetty Webserver leaked shared buffers (CVE-2015-2080)
Feb 28
Nginx goes HTTP/2
Feb 26
HTTP/2 is Done
Feb 18
Hacking as a Service - Case Study
Feb 17
Bulletproof TLS Newsletter February 2015 | Ivan Ristic
Feb 16
End of the m0n0wall project
Feb 16
Today I Am Releasing Ten Million Passwords
Feb 11
OpenSSL 1.0.2 wirft seine Schatten voraus
Jan 14
The 90s called: Lücke im Windows Telnet-Dienst erlaubt Remote Code Execution
Jan 14
Hacking a Bitcoin Exchange
Jan 13
Lücke in Git und Mercurical betrifft OSX und Windows
Dec 19
reCAPTCHA, NoCAPTCH, BreakCAPTCHA
Dec 05
HTTP vs HTTPS - Speedtest
Dec 04
Bulletproof TLS Newsletter November 2014 | Ivan Ristic
Nov 27
The sad state of server-side TLS Session Resumption implementations
Nov 18
CREAM: the scary SSL attack you’ve probably never heard of
Nov 13
Remote code execution via ftp on Mac OS 10.10 (Yosemite), NetBSD, FreeBSD
Oct 28
All Your Data Are Belong To US: iCloud speichert ungefragt lokale Daten
Oct 27
don't run 'strings' on untrusted files (lcamtuf)
Oct 26
SSL Config Generator von Mozilla
Oct 23
Bulletproof TLS Newsletter: POODLE attack on SSL 3 | Ivan Ristic
Oct 16
LibreSSL 2.1.1 released
Oct 16
LibreSSL 2.1.0 released
Oct 13
SPHINCS: practical stateless hash-based signatures
Oct 09
Bulletproof TLS Newsletter October 2014 | Ivan Ristic
Oct 08
Ghost in the ShellShock: Yahoo gehackt
Oct 06
Who.is the Harlem Shake
Sep 24
Keyless SSL von CloudFlare: Private Privat-Keys
Sep 23
OpenSSL Development Team releases first public security policy
Sep 08
Popping a shell on the Oculus developer portal
Sep 01
DoS attacks (ICMPv6-based) resulting from IPv6 EH drops
Aug 22
Google-Ranking für HTTPS-Seiten verbessert
Aug 20
Buch: Bulletproof SSL and TLS verfügbar
Aug 19
Spamhaus blacklistet GMX und 1&1 (Update)
Aug 15
LibreSSL Portable veröffentlicht (Update)
Jul 12
AES timing attacks on OpenSSL
Jul 03
Enterprise, my ass: Backdoor in Ciscos Unified Communications Domain Manager
Jul 03
Virus Bulletin celebrates 25th birthday by making all content free
Jul 01
No more Microsoft advisory email notifications (Update)
Jun 30
Chrome: Weltherrschaft in 5 Jahren
Jun 28
Identifying (and Exploiting) Xml eXternal Entity vulnerability (XXE)
Jun 27
SSL/TLS capabilities of 30+ widely used browsers and devices
Jun 27
Wanna know the PWD for the Brasil world cup security center WiFi Network?
Jun 25
Realtime Attack-Map (Norse)
Jun 25
History theft with CSS Boolean algebra
Jun 24
MOD_SPDY ist offizielles Apache-Projekt
Jun 20
GET /passwords.txt - 200 OK: 32.000 Server durch BMC-Lücke gefährdet
Jun 20
Speicher-Fallout: Verhalten verteilter Datenbanken bei Netz/Node-Ausfällen (Elasticsearch, etcd, Consul, RabbitMQ, Redis, Cassandra, NuoDB, Kafka, MongoDB, Postgres)
Jun 20
PoC for Docker VMM-container breakout
Jun 18
Online-Tests for the latest and greates OpenSSL-Vulns (en)
Jun 15
Online-Tests für OpenSSL-Lücken
Jun 11
One Token to Rule Them All - The Tale of the Leaked Gmail Addresses
Jun 10
Technical Analysis Of The GnuTLS Hello Vulnerability (CVE-2014-3466)
Jun 05
Tomcat-Patches schließen diverse DOS-Lücken (CVE-2014-0075, CVE-2014-0095 )
Jun 03
A journey to abused FTP sites (story of Shells, Malware, Bots, DDoS, Spam, Cloudflare evasion)
Jun 03
The Anatomy of a Rails Vulnerability-CVE-2014-0130: From Directory Traversal to Shell
May 29
TrueCrypt: Gehackt oder mundtot?
May 29
Project Un1c0rn: Liste exploitbarer Server
May 22
IETF: Ständige Überwachung ist ein Angriff / RFC 7258 / BCP 188
May 21
DNS Flood of 1.5 Billion Requests a Minute: When AntiDDoS - Services Attack
May 18
Spass am Gerät: 25 Jahre alte DOS-Virussignatur in die Bitcoin-Blockchain eingepflegt
May 18
How to Catch a Hacker in the Act
May 17
How I bypassed 2-Factor-Authentication on Google, Facebook, Yahoo, LinkedIn, and many others.
May 17
HTTP Security Headers on Top 10k Alexa Websites
May 16
Hacking the Java Debug Wire Protocol - or - "How I met your Java debugger"
May 09
Fishing for Hackers: Analysis of a Linux Server Attack
May 09
OAuth/OpenID Covert Redirect: Old Bug + New FAQ
May 03
Script fools n00b hackers into hacking themselves
May 02
Nginx überholt Apache bei den Top 1000 Websites
Apr 29
Nginx 1.6.0 und 1.7.0 veröffentlicht
Apr 28
Using Facebook Notes + Google to DDoS any website / Reflected HTTP-DDOS
Apr 25
Pwn the n00bs - Acunetix 0day
Apr 24
The rise of DDoS Botnets by Imperva
Apr 04
30 critical Java / Oracle -Cloud - Vulns published by Adam Gowdiak (Naxsi Ruleset-Update)
Apr 03
Cryptolocker … you little shit
Apr 01
How a Hacker Intercepted FBI and Secret Service Calls With Google Maps
Mar 04
testssl.sh: Testing TLS/SSL encryption
Feb 28
GitHub RCE by Environment variable injection Bug Bounty writeup by Joernchen
Feb 27
PostgreSQL packages for Debian and Ubuntu updated
Feb 26
SSL Labs: Testing for Apple's TLS authentication bug
Feb 26
Schere, Stein, Papier für SecOps
Feb 24
An In-depth Analysis of Linux/Ebury-Rootkit (ESET-Blog)
Feb 24
WAF-Regeln für Tomcat/Apache-Commons File Upload DOS CVE-2014-0050
Feb 17
How I hacked Github again by Egor Homakov
Feb 08
Buch: Bulletproof SSL/TLS and PKI von Ivan Ristić in Auszügen und für Vorbestellungen verfügbar
Feb 05
Cookie Bomb or lets break the Internet.
Feb 03
Whoop, there it is! Linux local root exploit for CVE-2014-0038 ( CONFIG_X86_X32=y )
Feb 03
XXE in OpenID: one bug to rule them all, or how I found a Remote Code Execution flaw affecting Facebook's servers
Jan 23
LINKSYS & NETGEAR Backdoor by the Numbers
Jan 22
SSL Labs: striktere Anforderungen ab 2014
Jan 22
I Know You Need New Toner
Jan 15
Exploit-Database bei Github veröffentlicht
Jan 13
Prolexic Q3 2013 Global DDoS Attack Report
Jan 12
Dual_Ec_Drbg backdoor: a proof of concept
Jan 12
How's My SSL? SSL-Browser-Test
Jan 09
A Forensic Overview of a Linux perlbot
Jan 08
Scanning the Internet: Nmap's Favicon Map
Jan 08
Domain typo finder
Jan 08
Internet-Wide Scan Data Repository
Jan 08
(IN)SECURE Magazine Issue 40: Exposing Malware
Dec 03
Security Headers on the Top 1,000,000 Websites: November 2013 Report
Dec 02
Large-scale net traffic misdirections and MitM attacks detected
Nov 28
THOUSANDS of Ruby on Rails sites leave logins lying around
Nov 28
Splinter RAT - Sourcecode für Botnet veröffentlicht
Nov 28
Reddit-AMA by Bruce Schneier
Nov 28
Twitter finally accepts industry best practices by closing known security holes
Nov 28
How Antisec Died
Nov 27
Digital Attack Map: DDoS-Angriffe in Echtzeit beobachten
Oct 21
Sehen Sie sich auf unserer Live-Attack-Map 8map.de die aktuelle Bedrohungslage an


8ack - Active Defense for Datacenters




Unterstützt durch:
                       

(c) copyright 2016 8ack GmbH