HackDig : Dig high-quality web security articles for hackers

May Patch Tuesday: More Fixes for SharePoint, TLS, Runtime, and Graphic Components Released

This month’s Patch Tuesday includes 111 fixes for Microsoft. Of the 111 vulnerabilities, 16 have been rated Critical while the rest have been ranked Important. Four of the vulnerabilities rated as Important for this release were disclosed by the Zero Day Initiative (ZDI): two for remote code execution (RCE) and two for escalation of privileges. Other updates
Publish At:2020-05-18 12:48 | Read:201 | Comments:0 | Tags:Exploits Vulnerabilities Patch Tuesday

Top 10 most exploited vulnerabilities list released by FBI, DHS CISA

byLisa VaasWhen work-from-home became a sudden, urgent need in March, many organizations slapped together cloud-collaboration services such as Microsoft Office 365 for their newly locked-down staff.Unfortunately and understandably, pressure was high. People were scrambling. Thus did a number of those services get put together with a wing, a prayer, and misco
Publish At:2020-05-18 12:27 | Read:322 | Comments:0 | Tags:Malware Security threats Vulnerability .net Adobe Flash Apac

Revisiting 2000 cuts using Binary Ninja’s new decompiler

It’s been four years since my blog post “2000 cuts with Binary Ninja.” Back then, Binary Ninja was in a private beta and the blog post response surprised its developers at Vector35. Over the past few years I’ve largely preferred to use IDA and HexRays for reversing, and then use Binary Ninja for any scripting. My main reason for stick
Publish At:2020-04-17 15:57 | Read:541 | Comments:0 | Tags:Binary Ninja Exploits

Keep Zoombombing cybercriminals from dropping a load on your meetings

While shelter in place has left many companies struggling to stay in business during the COVID-19 epidemic, one company in particular has seen its fortunes rise dramatically. Zoom, the US-based maker of teleconferencing software, has become the web conference tool of choice for employees working from home (WFH), friends coming together for virtual happy hour
Publish At:2020-04-14 14:25 | Read:590 | Comments:0 | Tags:How-tos coronavirus covid-19 exploit exploits how-to zoom te

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

Since the coronavirus became a worldwide health issue, the desire for more information and guidance from government and health authorities has reached a fever pitch. This is a golden opportunity for threat actors to capitalize on fear, spread misinformation, and generate mass hysteria—all while compromising victims with scams or malware campaigns. Profiti
Publish At:2020-03-16 14:22 | Read:687 | Comments:0 | Tags:Threat analysis APT APT36 coronavirus coronavirus malware co

Manticore discovers the ENS bug

The Ethereum Name Service (ENS) contract recently suffered from a critical bug that prompted a security advisory and a migration to a new contract (CVE-2020-5232). ENS allows users to associate online resources with human-readable names. As you might expect, it allows you to transfer and sell domain names. Figure 1: Sam Sun (samczsun) discovered a critical v
Publish At:2020-03-03 16:49 | Read:419 | Comments:0 | Tags:Blockchain Exploits Manticore Symbolic Execution

February Patch Tuesday: Fixes for Critical LNK, RDP, Trident Vulnerabilities

The first Patch Tuesday of 2020 in January brought an unusually long list of patches, but February brings an even wider range of fixes that address a total of 99 vulnerabilities — including 12 classified as Critical, with the remaining 99 deemed Important. Only five of the vulnerabilities were made public before the patches were released; one of these was ra
Publish At:2020-02-11 21:00 | Read:663 | Comments:0 | Tags:Exploits Vulnerabilities LNK Patch Tuesday RDP Remote Deskto

Outlaw Updates Kit to Kill Older Miner Versions, Targets More Systems

By Jindrich Karasek (Threat Researcher) As we’ve observed with cybercriminal groups that aim to maximize profits for every campaign, silence doesn’t necessarily mean inactivity. It appears hacking group Outlaw, which has been silent for the past few months, was simply developing their toolkit for illicit income sources. While they have been quiet since our J
Publish At:2020-02-10 17:25 | Read:766 | Comments:0 | Tags:Bad Sites Exploits Malware Targeted Attacks Vulnerabilities

Exploiting the Windows CryptoAPI Vulnerability

On Tuesday, the NSA announced they had found a critical vulnerability in the certificate validation functionality on Windows 10 and Windows Server 2016/2019. This bug allows attackers to break the validation of trust in a wide variety of contexts, such as HTTPS and code signing. If you want to stop reading here, get the important details, and see if you̵
Publish At:2020-01-16 15:25 | Read:787 | Comments:0 | Tags:Cryptography Exploits Vulnerability exploit

January Patch Tuesday: Update List Includes Fixes for Internet Explorer, Remote Desktop, Cryptographic Bugs

2020 starts off with a relatively heavy list of patches for Microsoft users. January is typically a light month for fixes, but Microsoft released patches for 49 vulnerabilities (eight of which are Critical and all the remaining classified as Important) in this cycle. None of these vulnerabilities are known to be under attack at this time. The listed vulnerab
Publish At:2020-01-15 03:20 | Read:703 | Comments:0 | Tags:Exploits Vulnerabilities Microsoft Patch Tuesday

First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group

by Ecular Xu and Joseph C Chen We found three malicious apps in the Google Play Store that work together to compromise a victim’s device and collect user information. One of these apps, called Camero, exploits CVE-2019-2215, a vulnerability that exists in Binder (the main Inter-Process Communication system in Android). This is the first known active attack i
Publish At:2020-01-06 14:35 | Read:911 | Comments:0 | Tags:Exploits Mobile app APT google play exploit

A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s

This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom. Back in the days before climate change stretched frigid winter months directly into the insta-sweat of summer, there was a saying about March: in like a lamb, out like a lion. The same might be said about the last decade in cybersecurity fails. What kic
Publish At:2019-12-19 16:50 | Read:707 | Comments:0 | Tags:Awareness ashley madison ashley madison hack BadRabbit cambr

DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet

by Aliakbar Zahravi  We recently found notable malware activity affecting devices running Linux, a platform that has battled numerous issues just this year. Further analysis of retrieved malware samples revealed that these actions were connected to a botnet called Momentum (named for the image found in its communication channel). We found new details on the
Publish At:2019-12-16 14:35 | Read:1132 | Comments:0 | Tags:Botnets Exploits Internet of Things botnet IOT Momentum rout

Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign

by William Gamazo Sanchez and Joseph C. Chen In November 2019, we published a blog analyzing an exploit kit we named Capesand that exploited Adobe Flash and Microsoft Internet Explorer flaws. During our analysis of the indicators of compromise (IoCs) in the deployed samples that were infecting the victim’s machines, we noticed some interesting characteristic
Publish At:2019-12-04 14:35 | Read:1038 | Comments:0 | Tags:Exploits Malware Capesand KurdishCoder exploit

Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK

By Joey Chen, Hiroyuki Kakara and Masaoki Shoji While we have been following cyberespionage group TICK (a.k.a. “BRONZE BUTLER” or “REDBALDKNIGHT”) since 2008, we noticed an unusual increase in malware development and deployments towards November 2018. We already know that the group uses previously deployed malware and modified tools for obfuscation, but we a
Publish At:2019-11-30 07:35 | Read:1133 | Comments:0 | Tags:Bad Sites Exploits Internet of Things Malware Open source Sp

Announce

Share high-quality web security related articles with you:)

Tools