HackDig : Dig high-quality web security articles for hackers

Satori IoT botnet author sentenced to 13 months in prison

by Lisa Vaas

The coder who created the massive Satori botnet of enslaved devices and a handful of other botnets will be spending 13 months behind bars, the US Attorney’s Office of Alaska announced on Friday. Kenneth Currin Schuchman, 22, from Vancouver, Wash., spent years developing distributed denial-of-service (DDoS) botnets. In September 2019, he pleaded gui
Publish At:2020-06-29 07:48 | Read:123 | Comments:0 | Tags:Denial of Service Law & order Security threats DDoS Fbot/Tsu

‘Anonymous’ takes down Atlanta Police Dept. site after police shooting

by Lisa Vaas

Following Friday’s fatal police shooting of Rayshard Brooks – a 27-year-old Black man who fell asleep in a fast-food drive-in lane in Atlanta and was shot while running from police who tried to tase him – hackers affiliating themselves with the Anonymous hacktivist collective may have briefly taken down the website for the city
Publish At:2020-06-16 14:48 | Read:190 | Comments:0 | Tags:Denial of Service Government security Law & order Security t

Russia’s FSB wanted its own IoT botnet

by Danny Bradbury

If you thought the Mirai botnet was bad, what about a version under the control of Russia’s military that it could point like an electronic cannon at people it didn’t like? That’s the prospect we could face after the reported emergence of secret Russian project documents online last week. The documents, which come from hackin
Publish At:2020-03-24 09:55 | Read:535 | Comments:0 | Tags:Botnet Denial of Service Government security IoT Machine Lea

Drupal Update Issues Could Expose Web Admins to Attacks

A researcher has identified three security issues in Drupal that could expose unsuspecting web admins to various attacks. Fernando Arnaboldi, a senior security researcher and consultant at IOActive, discusses the three issues in a post on his company’s blog. The first issue is that when the Drupal update process fails, certain versions of Drupal will no
Publish At:2016-01-07 14:20 | Read:7458 | Comments:0 | Tags:Latest Security News CSRF denial of service Drupal Fernando

Microsoft Patches Denial of Service Issue in Hyper-V

In addition to the usual slew of patches Microsoft dropped this week, the company on Tuesday also addressed an issue in its hypervisor, Hyper-V, that could lead to a denial of service condition. Microsoft warned about the issue in an advisory separate from its usual Patch Tuesday bulletins. The native hypervisor can be used to run virtual machines on Window
Publish At:2015-11-12 21:50 | Read:3622 | Comments:0 | Tags:Microsoft Virtualization Vulnerabilities Denial of Service H

Novel NTP Attacks Roll Back Time

Sharon Goldberg remembers the cold February day when her Boston University PhD candidate Aanchal Malhotra was studying routing security, in particular, attacks against the resource public key infrastructure (RPKI)—and kept hitting a dead end because of a cache-flushing issue. The resourceful Malhotra decided to roll back the time on her computer as a last-dit
Publish At:2015-10-22 21:40 | Read:4791 | Comments:0 | Tags:Cryptography Hacks Vulnerabilities Web Security Aanchal Malh

Fuzzing for Fun and Profit

So as you do, I was just looking around, manually fuzzing some Web Sockets requests, seeing if I could get any sort of XSS, Remote IRC Command Injection or SQLi mainly – ended up that I didn’t find much there that was worth noting. So I started seeing if their logic was all alright, so one of their requests looked similar to: {“_reqid”:1234, “cid”:5678, “t
Publish At:2015-10-13 17:40 | Read:4036 | Comments:0 | Tags:exploitation fuzzing infosec pentesting pentura security Sof

Cisco Patches Denial-of-Service, Bypass Vulnerabilities in IOS

Cisco pushed out on Wednesday its usual semiannual round of patches for IOS, the software the company uses for most of its routers and switches. This month’s security advisories addressed four vulnerabilities, three of which could lead to denial of service situations, and another that could have let an attacker bypass user authentication. The bypass vulnera
Publish At:2015-09-24 22:50 | Read:2863 | Comments:0 | Tags:Vulnerabilities Bypass vulnerabilities Cisco Denial of Servi

Three Buffer Overflow Vulnerabilities Patched by Yokogawa

Japanese electrical engineering and software company Yokogawa has patched three stack-based buffer overflow vulnerabilities in several of its products. According to an advisory published by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the bugs affect Yokogawa’s CENTUM series as well as Exaplog, PRM, STARDOM, and others. “
Publish At:2015-09-14 15:15 | Read:3063 | Comments:0 | Tags:Latest Security News buffer overflow denial of service SARA

Cisco Patches IPv6 Vulnerability in Carrier-Grade Router System

Cisco said on Thursday it has patched a denial of service vulnerability in its IOS XR software used in carrier-grade routers. The vulnerability, Cisco said, rests in the IPv6 processing code used by IOS XR in the Cisco CRS-3 Carrier Routing System. The bug is remotely exploitable and is due to incorrect processing of legitimate IPv6 packets carrying valid IPv
Publish At:2015-06-12 10:05 | Read:3082 | Comments:0 | Tags:Vulnerabilities Web Security carrier routers carrier securit

Remotely Exploitable flaws affect SAP solutions

SAP products make use of a proprietary implementation of LZC and LZH compression algorithms that could be exploited by attackers in several ways. For the second time in a week, we are speaking about security vulnerabilities affecting SAP systems; recently I wrote about a study published by the Onapsis firm that revealed over 9
Publish At:2015-05-15 07:10 | Read:5380 | Comments:0 | Tags:Breaking News Hacking Security CVE-2015-2278 CVE-2015-2282 D

Best Practices: Device Hardening and Recommendations

On April 13th, 2015, Cisco PSIRT was made aware of multiple instances of customer disruption in a specific region caused by a denial of service attack against Cisco devices. We responded quickly to support speedy restoration for our customers. Our ongoing investigation has shown that the storage of some Cisco devices was erased, removing both the Cisco IOS an
Publish At:2015-04-23 19:30 | Read:4757 | Comments:0 | Tags:Security denial of service incident response psirt security

How to crash any iPhone or iPad within WiFi range

Security researchers presenting at this week’s RSA Conference in San Francisco have uncovered a whole new compelling reason to switch off your phone. Skycure’s Yair Amit and Adi Sharabani have demonstrated a startling vulnerability in iOS that can allow malicious hackers to crash any iOS device within range of a WiFi hotspot. And it doesn’t
Publish At:2015-04-22 11:45 | Read:3538 | Comments:0 | Tags:IT Security and Data Protection Apple denial of service iOS

#HackerKast 30: Verizon Supercookie, Tesla Stock April Fools, Bugs in Tor, YouTube Bounty Hack, ‘Do Not Track

Hey All! We made it to 30 Episodes! Thanks for coming along for the ride, and hope you’re enjoying HackerKast. Now… the news! First we talked about the follow up to a story we spoke about a few weeks back that had to do with Verizon tracking its customers. They were doing this by implementing a sort of “supercookie” which was injecte
Publish At:2015-04-09 12:25 | Read:3667 | Comments:0 | Tags:Vulnerabilities Web Application Security WhiteHat HackerKast

Ghost blogging platform affected by multiple vulnerabilities

A group of researchers from Voidsec have found six vulnerabilities in the Ghost blogging platform that allow privilege editing and DoS. Six vulnerabilities have been found affecting Ghost, the blogging platform coded in the Node.js born on October 2013. These vulnerabilities were discovered on January 26 by a group of researcher
Publish At:2015-03-23 09:40 | Read:4029 | Comments:0 | Tags:Breaking News Hacking blog Denial of Service DOS Ghost blogg

