HackDig : Dig high-quality web security articles for hacker

Critical DoS messaging flaw fixed in December Android update

By John E Dunn. For anyone lucky enough to get them, Android’s December 2019 updates arrived this week, patching a small list of system and Qualcomm flaws across the operating system’s two patch levels. In Google’s estimation, at the top of the urgent list on the 2019-12-01 patch level (see below for explanation) is CVE-2019-2232, a critical flaw affecting Andro
Publish At:2019-12-05 12:35 | Read:100 | Comments:0 | Tags:Android Google Linux Mobile Operating Systems Security threa

Rootkit Umbreon / Umreon - x86, ARM samples

Pokémon-themed Umbreon Linux Rootkit Hits x86, ARM Systems. Research: Trend Micro. There are two packages: one is the 'found in the wild' full package, the other a set of hashes from Trend Micro (all but one file are already in the full package). Download. Email me if you need the password. File information: Part one (full package) # File Name, Hash Value, File Size (on
Publish At:2019-11-21 11:45 | Read:277 | Comments:0 | Tags:ARM Linux rootkit Umbreon x86

Linux/AirDropBot samples

Reference: Malware Must Die: MMD-0064-2019 - Linux/AirDropBot. Mirai variant targeting Linksys E-series - Remote Code Execution (tmUnblock.cgi). Download. Other malware: Download. Email me if you need the password (see in my profile). Hashes: MD5 SHA256 SHA1 85a8aad8d938c44c3f3f51089a60ec161a756429764
Publish At:2019-11-21 11:45 | Read:97 | Comments:0 | Tags:Linksys Linux Mirai

Amnesia / Radiation Linux botnet targeting Remote Code Execution in CCTV DVR samples

Reference: Amnesia / Radiation botnet samples targeting Remote Code Execution in CCTV DVR. 2017-04-06 Palo Alto Unit 42: New IoT/Linux Malware Targets DVRs, Forms Botnet. 2016-08-11 CyberX: Radiation IoT Cybersecurity campaign. Download. Other malware: Download. Email me if you need the password (see
Publish At:2019-11-21 11:45 | Read:163 | Comments:0 | Tags:Botnet CCTV DVR Linux

Filesystem-Eating Bug Discovered in Linux 4.14

Recent news has reported that an urgent data corruption issue has destroyed file systems in Linux 4.14, and if you are using bcache to speed up your Linux 4.14 system you are being urged to stop immediately if you want your data to survive. Linux Compatibility: Linux is an open-source technology and hundreds of programmers have been involved with adding softwar
Publish At:2019-10-18 04:40 | Read:275 | Comments:0 | Tags:Articles News bcache filesytem kernbel linux

Useful Resources for Those Who Want to Know More About Linux

Guest post by Lucy Benton Linux is one of the most popular and versatile operating systems available. It can be used on a smartphone, computer and even a car. Linux has been around since the 1990s and is still one of the most widespread operating systems. Linux is actually used to run most of the Internet as it is considered to be rather stable compared to
Publish At:2019-10-18 04:40 | Read:307 | Comments:0 | Tags:Articles Guides course learning linux operating systems reso

TSC Frequency For All: Better Profiling and Benchmarking

Have you ever tried using LLVM’s X-Ray profiling tools to make some flame graphs, but gotten obscure errors like: ==65892==Unable to determine CPU frequency for TSC accounting. ==65892==Unable to determine CPU frequency. Or worse, have you profiled every function in an application, only to find the sum of all function runtimes accounted for ~15 minutes of a
Publish At:2019-10-03 09:30 | Read:237 | Comments:0 | Tags:Containers Linux Research Practice

Skidmap Linux Malware Uses Rootkit Capabilities to Hide Cryptocurrency-Mining Payload

By Augusto Remillano II and Jakub Urbanec (Threat Analysts) Cryptocurrency-mining malware is still a prevalent threat, as illustrated by our detections of this threat in the first half of 2019. Cybercriminals, too, increasingly explored new platforms and ways to further cash in on their malware — from mobile devices and Unix and Unix-like systems to servers
Publish At:2019-09-19 14:50 | Read:245 | Comments:0 | Tags:Malware cryptocurrency miner Linux rootkit Skidmap

UNIX and Linux setUID advice and guidance

It is a topic that often comes up on client engagements, usually when running structured build reviews of Linux “gold builds”, but occasionally when trying to explain in detail how we used a Linux system to pivot internally. SetUID and setGID files are inevitably a risk, potentially allowing attackers to elevate privileges to root from a basic us
Publish At:2017-10-27 17:20 | Read:4681 | Comments:0 | Tags:Blog AIX analysis auditing blueteam FreeBSD Linux root Solar

Exploring Windows Subsystem for Linux

Whilst there has been quite a lot of analysis of Microsoft’s new Windows Subsystem for Linux (aka WSL or Bash on Ubuntu on Windows) and how it functions (particularly from Alex Ionescu), most of this has focused on how it affects the Windows security model. Being a keen UNIX focused researcher, I decided to take it for a spin. The first thing I did onc
Publish At:2017-10-27 17:20 | Read:3084 | Comments:0 | Tags:Blog analysis Linux root Windows

A high-risk two-year-old flaw in the Linux kernel was just patched

A high-risk security vulnerability discovered more than two years ago has been patched in the Linux kernel. The flaw, discovered by researchers with Qualys Research Labs, affects all Linux distributions that have not fixed their kernels after a commit released on April 14, 2015. Tracked as CVE-2017-1000253, the flaw could be exploited by attackers to escalate priv
Publish At:2017-09-28 18:27 | Read:2693 | Comments:0 | Tags:Breaking News Hacking CVE-2017-1000253 hacking . Pierluigi P

ZNIU, the first Android malware family to exploit the Dirty COW vulnerability

Security experts at Trend Micro have recently spotted a new strain of Android malware, dubbed ZNIU, that exploits the Dirty COW Linux kernel vulnerability. The Dirty COW vulnerability was discovered by the security expert Phil Oester in October 2016; it could be exploited by a local attacker to escalate privileges. The name ‘Dirty COW’ is due to
Publish At:2017-09-27 05:25 | Read:4418 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android CVE-2016-51

ZNIU: First Android Malware to Exploit Dirty COW Vulnerability

By Jason Gu, Veo Zhang, and Seven Shen We have disclosed this security issue to Google, who verified that they have protections in place against ZNIU courtesy of Google Play Protect. The Linux vulnerability called Dirty COW (CVE-2016-5195) was first disclosed to the public in 2016. The vulnerability was discovered in upstream Linux platforms such as Redhat,
Publish At:2017-09-25 23:15 | Read:5082 | Comments:0 | Tags:Bad Sites Malware Mobile Vulnerabilities android Dirty COW L

Vulnerability in F2FS File System Leads To Memory Corruption on Android, Linux

August’s Android Security Bulletin includes three file system vulnerabilities (CVE-2017-10663, CVE-2017-10662, and CVE-2017-0750) that were discovered by Trend Micro researchers. These vulnerabilities could cause memory corruption on the affected devices, leading to code execution in the kernel context. This would allow for more data to be accessed and contr
Publish At:2017-08-08 05:25 | Read:2629 | Comments:0 | Tags:Mobile Open source Vulnerabilities android F2FS Linux Vulner

Creator of the Ebury botnet sentenced to 46 months in jail

US authorities sentenced a Russian man to 46 months in prison and accused him of operating an Ebury botnet composed of tens of thousands of servers. US authorities sentenced a Russian man to 46 months in prison and accused him of infecting tens of thousands of servers worldwide with Linux malware to generate millions in fraudulent payments. The man, Maxim
Publish At:2017-08-07 04:30 | Read:2658 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Ebury botnet LI
