HackDig : Dig high-quality web security articles for hacker

Exploiting the Windows CryptoAPI Vulnerability

On Tuesday, the NSA announced they had found a critical vulnerability in the certificate validation functionality on Windows 10 and Windows Server 2016/2019. This bug allows attackers to break the validation of trust in a wide variety of contexts, such as HTTPS and code signing. If you want to stop reading here, get the important details, and see if you̵
Publish At:2020-01-16 15:25 | Read:215 | Comments:0 | Tags:Cryptography Exploits Vulnerability exploit

January Patch Tuesday: Update List Includes Fixes for Internet Explorer, Remote Desktop, Cryptographic Bugs

2020 starts off with a relatively heavy list of patches for Microsoft users. January is typically a light month for fixes, but Microsoft released patches for 49 vulnerabilities (eight of which are Critical and all the remaining classified as Important) in this cycle. None of these vulnerabilities are known to be under attack at this time. The listed vulnerab
Publish At:2020-01-15 03:20 | Read:249 | Comments:0 | Tags:Exploits Vulnerabilities Microsoft Patch Tuesday

First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group

by Ecular Xu and Joseph C Chen We found three malicious apps in the Google Play Store that work together to compromise a victim’s device and collect user information. One of these apps, called Camero, exploits CVE-2019-2215, a vulnerability that exists in Binder (the main Inter-Process Communication system in Android). This is the first known active attack i
Publish At:2020-01-06 14:35 | Read:323 | Comments:0 | Tags:Exploits Mobile app APT google play exploit

A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s

This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom. Back in the days before climate change stretched frigid winter months directly into the insta-sweat of summer, there was a saying about March: in like a lamb, out like a lion. The same might be said about the last decade in cybersecurity fails. What kic
Publish At:2019-12-19 16:50 | Read:236 | Comments:0 | Tags:Awareness ashley madison ashley madison hack BadRabbit cambr

DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet

by Aliakbar Zahravi  We recently found notable malware activity affecting devices running Linux, a platform that has battled numerous issues just this year. Further analysis of retrieved malware samples revealed that these actions were connected to a botnet called Momentum (named for the image found in its communication channel). We found new details on the
Publish At:2019-12-16 14:35 | Read:445 | Comments:0 | Tags:Botnets Exploits Internet of Things botnet IOT Momentum rout

Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign

by William Gamazo Sanchez and Joseph C. Chen In November 2019, we published a blog analyzing an exploit kit we named Capesand that exploited Adobe Flash and Microsoft Internet Explorer flaws. During our analysis of the indicators of compromise (IoCs) in the deployed samples that were infecting the victim’s machines, we noticed some interesting characteristic
Publish At:2019-12-04 14:35 | Read:359 | Comments:0 | Tags:Exploits Malware Capesand KurdishCoder exploit

Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK

By Joey Chen, Hiroyuki Kakara and Masaoki Shoji While we have been following cyberespionage group TICK (a.k.a. “BRONZE BUTLER” or “REDBALDKNIGHT”) since 2008, we noticed an unusual increase in malware development and deployments towards November 2018. We already know that the group uses previously deployed malware and modified tools for obfuscation, but we a
Publish At:2019-11-30 07:35 | Read:390 | Comments:0 | Tags:Bad Sites Exploits Internet of Things Malware Open source Sp

Introducing iVerify, the security toolkit for iPhone users

“If privacy matters, it should matter to the phone your life is on.” So says Apple in their recent ads about Privacy on the iPhone and controlling the data you share—but many of the security features they highlight are opt-in, and users often don’t know when or how to activate them. But hey… we got your back! Today, Trail of Bits launched i
Publish At:2019-11-14 15:25 | Read:498 | Comments:0 | Tags:Apple Education Exploits Guides iVerify Press Release Privac

New Exploit Kit Capesand Reuses Old and New Public Exploits and Tools, Blockchain Ruse

By Elliot Cao, Joseph C. Chen, William Gamazo Sanchez We discovered a new exploit kit named Capesand in October 2019. Capesand attempts to exploit recent vulnerabilities in Adobe Flash and Microsoft Internet Explorer (IE). Based on our investigation, it also exploits a 2015 vulnerability for IE. It seems the cybercriminals behind the exploit kit are continuo
Publish At:2019-11-12 02:35 | Read:320 | Comments:0 | Tags:Exploits Malware Blockchain Capesand exploit kit exploit

Pulse VPN patched their vulnerability, but businesses are trailing behind

In April 2019, Pulse Secure published an advisory about a vulnerability in their software. In August, cybercriminals were massively scanning for systems that were running a vulnerable version. Now it’s October, and still many organizations have not applied the patches that are available for this vulnerability. This is a trend we’ve seen repeated wi
Publish At:2019-10-18 16:50 | Read:729 | Comments:0 | Tags:Business cybercriminals exploit exploit kits exploits patch

Windows 10 egghunter (wow64) and more

IntroductionOk, I have a confession to make, I have always been somewhat intrigued by egghunters. That doesn’t mean that I like to use (or abuse) an egghunter just because I fancy what it does. In fact, I believe it’s a good practise to try to avoid egghunters if you can, as they tend to slow things down.What I mean, i
Publish At:2019-10-18 04:50 | Read:503 | Comments:0 | Tags:Exploit Writing Tutorials Exploits asm assembly corelan-tuto

New iOS exploit checkm8 allows permanent compromise of iPhones

UPDATE 9/27, 11:00am: Updated for the misconception that the bootrom was actually being modified. Apparently, the “permanent” only refers to the fact that the bug is in the bootrom, where it cannot be patched. UPDATE 9/27, 12:15am: After speaking with @axi0m8, clarified a few other points, including the fact that this cannot be exploited remot
Publish At:2019-09-27 23:20 | Read:838 | Comments:0 | Tags:Mac Apple apple security apple vulnerability checkm8 exploit

Tethered jailbreaks are back

Earlier today, a new iPhone Boot ROM exploit, checkm8 (or Apollo or Moonshine), was published on GitHub by axi0mX, affecting the iPhone 4S through the iPhone X. The vulnerability was patched in devices with A12 and A13 CPUs. As of this writing, the iPhone XS, XS Max, XR, 11, 11 Pro and 11 Pro Max are all safe from this exploit. We strongly urge all journalis
Publish At:2019-09-27 16:30 | Read:705 | Comments:0 | Tags:Apple Exploits iVerify

Five years later, Heartbleed vulnerability still unpatched

The Heartbleed vulnerability was introduced into the OpenSSL crypto library in 2012. It was discovered and fixed in 2014, yet today—five years later—there are still unpatched systems.  This article will provide IT teams with the necessary information to decide whether or not to apply the Heartbleed vulnerability fix. However, we caution: The latter c
Publish At:2019-09-20 11:20 | Read:634 | Comments:0 | Tags:Exploits and vulnerabilities cryptography EKs exploit kits e

‘Purple Fox’ Fileless Malware with Rookit Component Delivered by Rig Exploit Kit Now Abuses PowerShell

By Johnlery Triunfante and Earle Earnshaw (Threat Analysts) Exploit kits may no longer be as prolific as it was back when their activities were detected in the millions, but their recurring activities in the first half of 2019 indicate that they won’t be going away any time soon. The Rig exploit kit, for instance, is known for delivering various payloads — s
Publish At:2019-09-19 14:50 | Read:845 | Comments:0 | Tags:Bad Sites Exploits Malware Vulnerabilities fileless malware

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud