HackDig : Dig high-quality web security articles for hacker

Cisco fixes DoS, Authentication Bypass issues with its products and OSPF flaw

Cisco addressed 15 flaws in its products, including 2 flaws that could be exploited by attackers to trigger a DoS condition or bypass local authentication. Cisco addressed 15 vulnerabilities affecting a dozen products, including two high severity flaws that could be exploited by attackers to trigger a denial of service condition or bypass local authenticatio
Publish At:2017-08-04 21:15 | Read:2432 | Comments:0 | Tags:Breaking News Security CISCO DOS Hacking

Vulnerabilities in Linksys routers allow attackers to hijack dozens of models

Cyber security experts disclosed the existence of 10 unpatched security flaws in dozens of Linksys routers widely used today. The IOActive senior security consultant Tao Sauvage and the independent security researcher Antide Petit have reported more than a dozen of unpatched security vulnerabilities affecting 25 different Linksys Smart Wi-Fi Routers models.
Publish At:2017-04-20 23:00 | Read:2285 | Comments:0 | Tags:Breaking News Hacking DOS Linksys Linksys routers

A new serious DOS flaw affects BIND DNS software, updates it now

A new serious denial-of-service (DoS) vulnerability was patched this week by the Internet Systems Consortium (ISC) in the BIND DNS software. A security serious denial-of-service (DoS) vulnerability, tracked as CVE-2017-3135, was patched this week by the Internet Systems Consortium (ISC) in the BIND DNS software. The vulnerability in the BIND DNS software was
Publish At:2017-02-12 21:50 | Read:2390 | Comments:0 | Tags:Breaking News Hacking BIND DNS CVE-2017-3135 DOS

CVE-2016-9311 NTP DoS Exploit Released, update your Windows server asap

A researcher released a PoC exploit for the cve-2016-9311 flaw that can cause the crash of the NTP daemon and triggers a DoS condition on Windows systems. The NTP protocol could be exploited by hackers as an attack vector. The NTP is a networking protocol widely used  for the clock synchronization purpose between systems over packet-switched, variable-laten
Publish At:2016-11-24 14:35 | Read:4075 | Comments:0 | Tags:Breaking News Hacking Security DDoS DOS NTP Pierluigi Pagani

OpenSSL Project fixed the CVE-2016-7054 High severity DoS bug

The OpenSSL Project has released the OpenSSL 1.1.0c update that addresses several vulnerabilities, including a high-severity DoS flaw (CVE-2016-7054). The OpenSSL Project has released an update for the 1.1.0 branch (OpenSSL 1.1.0c) to fix a number of vulnerabilities. One of the issues solved with the update is the high severity denial-of-service (DoS) flaw C
Publish At:2016-11-13 01:00 | Read:2496 | Comments:0 | Tags:Breaking News Hacking Security CVE-2016-7054 DOS OpenSSL

Abusing protocols in LTE networks to knock mobile devices off networks

A group of researchers from Nokia Bell Labs and Aalto University in Finland demonstrated how to hack protocols used in the LTE networks. We discussed several times the rule of the SS7 signaling protocol in mobile communications and how to exploit its flaws to track users. When mobile users travel between countries, their mobile devices connect to the infrast
Publish At:2016-11-08 17:55 | Read:4626 | Comments:0 | Tags:Breaking News Hacking Mobile BlackHat EUROPE DOS LTE Network

SonicWALL Email Security appliance flaws could expose corporate emails

Dell issued the SonicWALL Email Security OS 8.3.2 release to address high severity issues that can be exploited to take control of the appliance. Security researchers at Digital Defense discovered multiple vulnerabilities while assessed the SonicWALL Email Security virtual appliance (Version 8.3.0.6149). According to the experts. The flaws could be exploited
Publish At:2016-10-14 23:25 | Read:2598 | Comments:0 | Tags:Breaking News Hacking DOS SonicWALL Email Security

Attackers are exploiting a recently patched high-severity DoS flaw in BIND

Attackers are exploiting a recently patched high-severity DoS flaw, tracked as CVE-2016-2776, in the in the popular DNS software in BIND. Last month a vulnerability in the popular DNS software BIND, tracked as CVE-2016-2776, has been patched. The flaw could be exploited by a remote attacker to trigger a DoS condition using specially crafted DNS packets. The
Publish At:2016-10-13 10:30 | Read:2098 | Comments:0 | Tags:Breaking News Cyber Crime Hacking BIND Cybercrime DOS flaw e

Cisco warns of critical vulnerabilities in CISCO Nexus switches

Cisco has rolled out several critical software patches for the CISCO Nexus 7000-series switches and the related NX-OS software. According to the Cisco Security Advisory, an attacker could exploit the vulnerabilities to gain remote access to vulnerable systems and execute code or commands. According to Wednesday’s Cisco Security Advisory, both the Nexus 7000
Publish At:2016-10-09 15:15 | Read:3398 | Comments:0 | Tags:Breaking News Hacking CISCO Nexus DOS flaws Switches

CVE-2016-569 Linux flaw leaves 1.4 billion Android devices vulnerable to hack

Experts from Lookout revealed that all Android versions running the Linux Kernel 3.6 to the latest are affected by the CVE-2016-569 Linux flaw. Recently I wrote about a severe vulnerability (CVE-2016-5696) affecting the Linux version 3.6, deployed in 2012. The flaw was discovered by researchers from the University of California, Riverside, and the U.S. Army
Publish At:2016-08-17 08:10 | Read:2175 | Comments:0 | Tags:Breaking News Hacking Mobile Android CVE-2016-569 CVE-2016-5

Serious Linux design flaw CVE-2016-569 allows Traffic Hijacking

A severe design flaw in the Linux kernel could be exploited by attackers to hijack traffic, inject malware into connections, and run a wide range of attacks. A severe flaw in the Linux kernel could be exploited by attackers to hijack traffic, inject malware into downloads and web pages, and run a wide range of attacks, break Tor connections. “In genera
Publish At:2016-08-11 05:55 | Read:2646 | Comments:0 | Tags:Breaking News Hacking CVE-2016-569 CVE-2016-5696 DOS LINUX t

CISCO warns customers of high-severity flaws in modems and gateways

Cisco released a series of software updates to patch several high severity flaws in its cable modems, residential gateways and security appliances. Cisco just patched critical vulnerabilities in its cable modems, residential gateways and security appliances. The security updates released this week fix serious flaws in Cisco residential reported by Kyle Lovet
Publish At:2016-03-13 23:35 | Read:2796 | Comments:0 | Tags:Breaking News Security CISCO DOS gateways Hacking informatio

OpenSSL Patches Bring Last Update for 0.9.8 and 1.0.0 Branches

The OpenSSL Software Foundation patched four vulnerabilities in the cryptographic software library on Thursday, likely marking the last time that two older versions of the library will receive updates.The group announced back in December 2014 that it would cease support for two of OpenSSL branches, 1.0.0 and 0.9.8 at the end of the 2015. Yesterday, in a secu
Publish At:2015-12-04 17:45 | Read:2386 | Comments:0 | Tags:Vulnerabilities Web Security DoS OpenSSL OpenSSL updates Pat

Fuzzing for Fun and Profit

So as you do, I was just looking around, manually fuzzing some Web Sockets requests, seeing if I could get any sort of XSS, Remote IRC Command Injection or SQLi mainly – ended up that I didn’t find much there that worse worth noting. So I started seeing if their logic was all alright, so one of their requests looked similar to: {“_reqid”:1234, “cid”:5678, “t
Publish At:2015-10-13 17:40 | Read:2432 | Comments:0 | Tags:exploitation fuzzing infosec pentesting pentura security Sof

Remote DoS Vulnerability Patched in Huawei 4G USB Modem

Chinese networking telecommunications equipment and services company Huawei has patched a vulnerability in its MBB (Mobile Broadband) product E3272s that if exploited could lead to denial-of-service attacks and remote arbitrary code execution.According to a security bulletin released by the company,“An attacker could send a malicious packet to the Comm
Publish At:2015-10-07 13:20 | Read:5801 | Comments:0 | Tags:Latest Security News DoS Huawei Positive Technologies remote

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud