HackDig : Dig high-quality web security articles for hacker

UNIX and Linux setUID advice and guidance

It is a topic that often comes up on client engagements, usually when running structured build reviews of Linux “gold builds”, but occasionally when trying to explain in detail how we used a Linux system to pivot internally. SetUID and setGID files are inevitably a risk, potentially allowing attackers to elevate privileges to root from a basic us
Publish At:2017-10-27 17:20 | Read:275 | Comments:0 | Tags:Blog AIX analysis auditing blueteam FreeBSD Linux root Solar

Exploring Windows Subsystem for Linux

Whilst there has been quite a lot of analysis of Microsoft’s new Windows Subsystem for Linux (aka WSL or Bash on Ubuntu on Windows) and how it functions (particularly from Alex Ionescu), most of this has focused on how it affects the Windows security model. Being a keen UNIX focused researcher, I decided to take it for a spin. The first thing I did onc
Publish At:2017-10-27 17:20 | Read:241 | Comments:0 | Tags:Blog analysis Linux root Windows

A high-risk two-years old flaw in Linux kernel was just patched

A high-risk security vulnerability discovered more than two years ago has been patched in Linux kernel. The flaw discovered by researchers with Qualys Research Labs affects all Linux distributions that have not fixed their kernels after a commit released on April 14, 2015. Tracked as CVE-2017-1000253, the flaw could be exploited by attackers to escalate priv
Publish At:2017-09-28 18:27 | Read:224 | Comments:0 | Tags:Breaking News Hacking CVE-2017-1000253 hacking . Pierluigi P

ZNIU, the first Android malware family to exploit the Dirty COW vulnerability

Security experts at Trend Micro have recently spotted a new strain of Android malware, dubbed ZNIU, that exploits the Dirty COW Linux kernel vulnerability. The Dirty COW vulnerability was discovered by the security expert Phil Oester in October 2016; it could be exploited by a local attacker to escalate privileges. The name ‘Dirty COW’ is due to
Publish At:2017-09-27 05:25 | Read:365 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android CVE-2016-51

ZNIU: First Android Malware to Exploit Dirty COW Vulnerability

By Jason Gu, Veo Zhang, and Seven Shen We have disclosed this security issue to Google, who verified that they have protections in place against ZNIU courtesy of Google Play Protect. The Linux vulnerability called Dirty COW (CVE-2016-5195) was first disclosed to the public in 2016. The vulnerability was discovered in upstream Linux platforms such as Redhat,
Publish At:2017-09-25 23:15 | Read:204 | Comments:0 | Tags:Bad Sites Malware Mobile Vulnerabilities android Dirty COW L

Vulnerability in F2FS File System Leads To Memory Corruption on Android, Linux

August’s Android Security Bulletin includes three file system vulnerabilities (CVE-2017-10663, CVE-2017-10662, and CVE-2017-0750) that were discovered by Trend Micro researchers. These vulnerabilities could cause memory corruption on the affected devices, leading to code execution in the kernel context. This would allow for more data to be accessed and contr
Publish At:2017-08-08 05:25 | Read:314 | Comments:0 | Tags:Mobile Open source Vulnerabilities android F2FS Linux Vulner

Creator of the Ebury botnet sentenced to 46 months in jail

US authorities sentenced a Russian man to 46 months in prison and accused him of operating an Ebury botnet composed of tens of thousands of servers. US authorities sentenced a Russian man to 46 months in prison and accused him of infecting tens of thousands of servers worldwide with a Linux malware to generate millions in fraudulent payments. The man, Maxim
Publish At:2017-08-07 04:30 | Read:317 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Ebury botnet LI

Wikileaks Vault 7 – Imperial projects revealed the 3 hacking tools Achilles, SeaPea and Aeris

Wikileaks published another batch of classified documents from the CIA Vault 7 leak; it includes details of the Imperial project. Today another batch of classified documents from the CIA Vault 7 leak was published by Wikileaks. The documents are related to a CIA project codenamed ‘Imperial’; they include details of three CIA hacking tools and im
Publish At:2017-07-28 04:35 | Read:332 | Comments:0 | Tags:Breaking News Hacking Intelligence Malware Achilles Aeris CI

New Debian 9.1 release includes 26 security fixes for 55 packages

The Debian Project announced Debian 9.1 GNU/Linux, a version that brings numerous updates and addresses many security issues. The Debian Project announced the new Debian 9.1 release that includes 26 security fixes. The list of fixed problems includes the Heimdal Kerberos man-in-the-middle vulnerability, a 20-year-old vulnerability in Kerberos that was p
Publish At:2017-07-24 18:31 | Read:344 | Comments:0 | Tags:Breaking News Security Debian 9.1 LINUX security

Wikileaks: BothanSpy and Gyrfalcon CIA Implants steal SSH Credentials from Windows and Linux OSs

WikiLeaks leaked documents detailing BothanSpy and Gyrfalcon CIA implants designed to steal SSH credentials from Windows and Linux OSs. WikiLeaks has published a new batch of documents from the Vault7 dump detailing two new CIA implants allegedly used by the agency to intercept and exfiltrate SSH (Secure Shell) credentials from both Windows and Linux operating
Publish At:2017-07-07 02:35 | Read:345 | Comments:0 | Tags:Breaking News Hacking Intelligence BothanSpy CIA cyber espio

Wikileaks – CIA developed OutlawCountry Malware to hack Linux systems

WikiLeaks released a new batch of documents that detail the CIA tool OutlawCountry used to remotely spy on computers running Linux operating systems. WikiLeaks has released a new batch of documents from the Vault 7 leak that details a CIA tool, dubbed OutlawCountry, used by the agency to remotely spy on computers running Linux operating systems. According t
Publish At:2017-07-01 17:40 | Read:457 | Comments:0 | Tags:Breaking News Hacking Intelligence CIA cyber espionage LINUX

A critical flaw allows hacking Linux machines with just a malicious DNS Response

A remote attacker can trigger the buffer overflow vulnerability to execute malicious code on affected Linux systems with just a malicious DNS response. Chris Coulson, Ubuntu developer at Canonical, has found a critical vulnerability in Linux that can be exploited to remotely hack machines running the popular OS. The flaw, tracked as CVE-2017-9445, resides in th
Publish At:2017-06-29 10:25 | Read:348 | Comments:0 | Tags:Breaking News Hacking DNS LINUX

Stack Clash vulnerability allows an attacker to execute code as root

Stack Clash is a local privilege escalation flaw in Linux, BSD, Solaris and other open source systems that allows an attacker to execute code as root. Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code as root. Stack Clash is a local privi
Publish At:2017-06-20 05:25 | Read:523 | Comments:0 | Tags:Breaking News Hacking BSD LINUX Solaris Stack Clash Vulnerab

Erebus Resurfaces as Linux Ransomware

by Ziv Chang, Gilbert Sison, and Jeanne Jocson On June 10, South Korean web hosting company NAYANA was hit by Erebus ransomware (detected by Trend Micro as RANSOM_ELFEREBUS.A), infecting 153 Linux servers and over 3,400 business websites the company hosts. In a notice posted on NAYANA’s website last June 12, the company shared that the attackers demanded an
Publish At:2017-06-19 17:25 | Read:537 | Comments:0 | Tags:Ransomware Erebus Linux ransomware

50 hashes per hour

How often do you turn off your computer when you go home from work? We bet you leave it on so you don’t have to wait until it boots up in the morning. It’s possible that your IT staff have trained you to lock your system for security reasons whenever you leave your workplace. But locking your system won’t save your computer from a new type
Publish At:2017-06-06 08:30 | Read:745 | Comments:0 | Tags:Blog Research Data leaks Data Protection Linux Security Poli
