HackDig : Dig high-quality web security articles for hacker

Microsoft Windows 10 (19H1 1901 x64) ws2ifsl.sys Use After Free Local Privilege Escalation (kASLR kCFG SMEP)

/*The exploit works on 19H1.It was tested with ntoskrnl version 10.0.18362.295*/#include <Windows.h>#include <stdio.h>#include <string>#include <ntstatus.h>#include <processthreadsapi.h>#include <winternl.h>#include <tlhelp32.h>#pragma comment(lib, "ntdll.lib")// run cmd.exeunsigned char shellcode[] ="
Publish At:2020-01-21 11:10 | Read:33 | Comments:0 | Tags:No Tag

Realistic Factory Honeypot Shows Threats Faced by Industrial Organizations

Trend Micro researchers have set up a factory honeypot and found that industrial organizations should be more concerned about attacks launched by profit-driven cybercriminals rather than the threat posed by sophisticated state-sponsored groups.The honeypot mimicked a factory and was designed to be as realistic as possible. The industrial environment included
Publish At:2020-01-21 10:15 | Read:12 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Virus & Threats

Serious security breach in Internet Explorer: Microsoft warns against use

A critical vulnerability in Internet Explorer, with the identifier CVE-2020-0674 has been published by Microsoft. It allows attackers to remotely execute code using the JScript.dll library. A security patch is currently being created. On the first patch Tuesday of 2020, Microsoft released 49 updates; shortly afterwards, the vendor reported a new zero-day sec
Publish At:2020-01-21 09:15 | Read:117 | Comments:0 | Tags:News Security Germany Microsoft vulnerability

SIM Hijacking

SIM hijacking -- or SIM swapping -- is an attack where a fraudster contacts your cell phone provider and convinces them to switch your account to a phone that they control. Since your smartphone often serves as a security measure or backup verification system, this allows the fraudster to take over other accounts of yours. Sometimes this involves people insi
Publish At:2020-01-21 08:40 | Read:91 | Comments:0 | Tags:No Tag

Zero-Day IE Bug is Being Exploited in the Wild

Both Microsoft and the US government are warning computer users of a critical remote code execution (RCE) vulnerability in Internet Explorer, which is currently being exploited in the wild.The zero-day bug, CVE-2020-0674, exists in the way the scripting engine handles objects in memory in IE, according to a Microsoft advisory updated over the weekend.At
Publish At:2020-01-21 07:40 | Read:99 | Comments:0 | Tags: exploit

UK Gov Database Leak Exposes 28 Million Children

The UK government is facing urgent questions after it was revealed that betting companies were given access to a Department for Education (DfE) database containing personal information on 28 million children.Known as the Learning Record Service, the database stores information on students in England, Wales and North Ireland choosing to take post-14 qualifica
Publish At:2020-01-21 07:40 | Read:62 | Comments:0 | Tags:No Tag

Hong Kong Looks to GDPR as it Strengthens Privacy Laws

Hong Kong is set to follow the lead of European regulators in applying tougher penalties for data protection infractions, following a serious breach at airline Cathay Pacific in 2018.Proposed amendments to the regional government’s Personal Data (Privacy) Ordinance, which cited the GDPR, would see fines levied as a percentage of global turnover, accord
Publish At:2020-01-21 07:40 | Read:117 | Comments:0 | Tags:No Tag

Hanna Andersson Data Breach: Hackers Compromise Website of Children's Clothier

Portland, Oregon-based children's clothing maker Hanna Andersson has quietly disclosed a breach to affected customers. Very few details of the breach have been made public.The letter, obtained by SecurityWeek, has been sent via postal mail and explains that a third party had gained unauthorized access to customer information entered during online purchases b
Publish At:2020-01-20 22:15 | Read:147 | Comments:0 | Tags:NEWS & INDUSTRY Cybercrime

Hardcoded SSH Key Found in Fortinet SIEM Appliances

A hardcoded SSH public key in Fortinet’s Security Information and Event Management FortiSIEM can be abused to access the FortiSIEM Supervisor. The hardcoded SSH key is for the user 'tunneluser', is the same between installs and is also stored unencrypted in the FortiSIEM image. As a result, an attacker could retrieve it and use it to sign into
Publish At:2020-01-20 22:15 | Read:67 | Comments:0 | Tags:Network Security NEWS & INDUSTRY

Are We Secure Yet? How to Build a 'Post-Breach' Culture

There are many ways to improve your organization's cybersecurity practices, but the most important principle is to start from the top. Are we secure yet? I was asked this question in a board meeting a many years ago. The way it was phrased implied that getting secure is a task to be completed. Managing cybersecurity is actually more like doing the laundry, i
Publish At:2020-01-20 22:10 | Read:131 | Comments:0 | Tags:No Tag

DDoS Mitigation Firm Founder Admits to DDoS

A Georgia man who co-founded a service designed to protect companies from crippling distributed denial-of-service (DDoS) attacks has pleaded to paying a DDoS-for-hire service to launch attacks against others. Tucker Preston, 22, of Macon, Ga., pleaded guilty last week in a New Jersey court to one count of damaging protected computers by transmission of a pr
Publish At:2020-01-20 20:35 | Read:140 | Comments:0 | Tags:DDoS-for-Hire Ne'er-Do-Well News BackConnect Security LLC Fr

A week in security (January 13 – 19)

Last week on Malwarebytes Labs, we taught you how to prevent a rootkit attack, explained what data enrichment means, informed you about new rules on deepfakes in the US, and demonstrated how backdoors in elastic servers expose private data. Other cybersecurity news An online group of cybersecurity analysts calling themselves Intrusion Truth have revea
Publish At:2020-01-20 16:50 | Read:98 | Comments:0 | Tags:A week in security apt40 Cisco citrix data enrichment deepfa

Clearview AI and Facial Recognition

The New York Times has a long story about Clearview AI, a small company that scrapes identified photos of people from pretty much everywhere, and then uses unstated magical AI technology to identify people in other photos. His tiny company, Clearview AI, devised a groundbreaking facial recognition app. You take a picture of a person, upload it and get to se
Publish At:2020-01-20 15:40 | Read:188 | Comments:0 | Tags:No Tag

Mitsubishi Electric Discloses Information Leak

Japanese company Mitsubishi Electric has today disclosed an information leak that occurred over six months ago. The century-old electronics and electrical equipment manufacturing firm announced the breach by issuing a brief statement on its website.An official internal investigation was launched after suspicious activity was observed taking pl
Publish At:2020-01-20 14:40 | Read:75 | Comments:0 | Tags:No Tag

Possessing Ransomware Could Become Illegal in Maryland

Lawmakers in the state of Maryland are considering making it a criminal offense to be in possession of ransomware. A bill was introduced on Tuesday, January 14, that seeks to penalize Marylanders who knowingly possess the malware and intend to use it to cause harm. The bill also grants victims of a ransomware attack the right to sue the hacker for damag
Publish At:2020-01-20 14:40 | Read:153 | Comments:0 | Tags:No Tag

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud