Even weak hackers can pull off a password reset MitM attack via account registration

At the IEEE Symposium on Security and Privacy 2017, researchers from the College of Management Academic Studies in Israel presented an interesting paper on bad password reset processes, “The Password Reset MitM Attack” (pdf). It explains how a weak attacker could take over accounts by exploiting vulnerabilities in password reset procedures. They dubbed the attack:[…]


Hackers attacked 4 Florida school districts, allegedly hoped to hack voting systems

We’ve heard a lot about Russians attackers attempting to hack the US election, but another hacking group also allegedly wanted to interfere with the election; they attempted to pivot from compromised school districts to state voting systems. The Miami Herald reported that MoRo, a group of hackers based in Morocco, penetrated “at least four Florida[…]