HackDig : Dig high-quality web security articles for hacker

ZNIU: First Android Malware to Exploit Dirty COW Vulnerability

By Jason Gu, Veo Zhang, and Seven Shen We have disclosed this security issue to Google, who verified that they have protections in place against ZNIU courtesy of Google Play Protect. The Linux vulnerability called Dirty COW (CVE-2016-5195) was first disclosed to the public in 2016. The vulnerability was discovered in upstream Linux platforms such as Redhat,
Publish At:2017-09-25 23:15 | Read:9 | Comments:0 | Tags:Bad Sites Malware Mobile Vulnerabilities android Dirty COW L

Vulnerability in F2FS File System Leads To Memory Corruption on Android, Linux

August’s Android Security Bulletin includes three file system vulnerabilities (CVE-2017-10663, CVE-2017-10662, and CVE-2017-0750) that were discovered by Trend Micro researchers. These vulnerabilities could cause memory corruption on the affected devices, leading to code execution in the kernel context. This would allow for more data to be accessed and contr
Publish At:2017-08-08 05:25 | Read:240 | Comments:0 | Tags:Mobile Open source Vulnerabilities android F2FS Linux Vulner

Creator of the Ebury botnet sentenced to 46 months in jail

US authorities sentenced a Russian man to 46 months in prison and accused him of operating an Ebury botnet composed of tens of thousands of servers. US authorities sentenced a Russian man to 46 months in prison and accused him of infecting tens of thousands of servers worldwide with a Linux malware to generate millions in fraudulent payments. The man, Maxim
Publish At:2017-08-07 04:30 | Read:244 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Ebury botnet LI

Wikileaks Vault 7 – Imperial projects revealed the 3 hacking tools Achilles, SeaPea and Aeris

Wikileaks published another batch of classified documents from the CIA Vault 7 leak, it includes details of the Imperial project. Today another batch of classified documents from the CIA Vault 7 leak was published by Wikileaks. The documents are related to a CIA project codenamed ‘Imperial,’ they include details of three CIA hacking tools and im
Publish At:2017-07-28 04:35 | Read:206 | Comments:0 | Tags:Breaking News Hacking Intelligence Malware Achilles Aeris CI

New Debian 9.1 release includes 26 security fixes for 55 packages

The Debian Project announced the Debian 9.1 GNU/Linux, a version that brings numerous updates and addresses many security issues. The Debian Project announced the new Debian 9.1 release that includes 26 security fixes. The list of fixed problems includes the Heimdal Kerberos man-in-the-middle vulnerability, a 20 years-old vulnerability in Kerberos that was p
Publish At:2017-07-24 18:31 | Read:240 | Comments:0 | Tags:Breaking News Security Debian 9.1 LINUX security

Wikileaks: BothanSpy and Gyrfalcon CIA Implants steal SSH Credentials from Windows and Linux OSs

WikiLeaks leaked documents detailing BothanSpy and Gyrfalcon CIA implants designed to steal SSH credentials from Windows and Linux OSs. WikiLeaks has published a new batch of documents from the Vault7 dump detailing two new CIA implants alleged used by the agency to intercept and exfiltrate SSH (Secure Shell) credentials from both Windows and Linux operating
Publish At:2017-07-07 02:35 | Read:249 | Comments:0 | Tags:Breaking News Hacking Intelligence BothanSpy CIA cyber espio

Wikileaks – CIA developed OutlawCountry Malware to hack Linux systems

WikiLeaks released a new batch of documents that detail the CIA tool OutlawCountry used to remotely spy on computers running Linux operating systems. WikiLeaks has released a new batch of documents from the Vault 7 leak that details a CIA tool, dubbed OutlawCountry, used by the agency to remotely spy on computers running Linux operating systems. According t
Publish At:2017-07-01 17:40 | Read:290 | Comments:0 | Tags:Breaking News Hacking Intelligence CIA cyber espionage LINUX

A critical flaw allows hacking Linux machines with just a malicious DNS Response

A remote attacker can trigger the buffer overflow vulnerability to execute malicious code on affected Linux systems with just a malicious DNS response. Chris Coulson, Ubuntu developer at Canonical, has found a critical vulnerability Linux that can be exploited to remotely hack machines running the popular OS. The flaw, tracked as CVE-2017-9445, resides in th
Publish At:2017-06-29 10:25 | Read:235 | Comments:0 | Tags:Breaking News Hacking DNS LINUX

Stack Clash vulnerability allows an attacker to execute code as root

Stack Clash is a local privilege escalation flaw in Linux, BSD, Solaris and other open source systems that allows an attacker to execute code as root. Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code as root. Stack Clash is a local privi
Publish At:2017-06-20 05:25 | Read:434 | Comments:0 | Tags:Breaking News Hacking BSD LINUX Solaris Stack Clash Vulnerab

Erebus Resurfaces as Linux Ransomware

by Ziv Chang, Gilbert Sison, and Jeanne Jocson On June 10, South Korean web hosting company NAYANA was hit by Erebus ransomware (detected by Trend Micro as RANSOM_ELFEREBUS.A), infecting 153 Linux servers and over 3,400 business websites the company hosts. In a notice posted on NAYANA’s website last June 12, the company shared that the attackers demanded an
Publish At:2017-06-19 17:25 | Read:481 | Comments:0 | Tags:Ransomware Erebus Linux ransomware

50 hashes per hour

How often do you turn off your computer when you go home from work? We bet you leave it on so you don’t have to wait until it boots up in the morning. It’s possible that your IT staff have trained you to lock your system for security reasons whenever you leave your workplace. But locking your system won’t save your computer from a new type
Publish At:2017-06-06 08:30 | Read:542 | Comments:0 | Tags:Blog Research Data leaks Data Protection Linux Security Poli

A recently discovered Linux flaw could be exploited by Sudo Users to gain Root Privileges

Security researchers at Qualys Security have discovered a Linux Flaw that could be exploited to escalate privileges and overwrite any file on the filesystem. Security researchers at Qualys Security have discovered a Linux flaw that could be exploited to gain root privileges and overwrite any file on the filesystem on SELinux-enabled systems. The high severit
Publish At:2017-05-31 17:55 | Read:453 | Comments:0 | Tags:Breaking News Hacking LINUX Linux flaw privileges escalation

Linux Shishiga malware, a threat in dangerous evolution

Malware researchers from security firm ESET have discovered a new Linux threat dubbed Shishiga malware targeting systems in the wild. Malware researchers from ESET have discovered a new Linux malware dubbed Linux/Shishiga targeting systems in the wild. The Linux/Shishiga malware uses four different protocols (SSH, Telnet, HTTP and BitTorrent) implements a mo
Publish At:2017-04-26 07:50 | Read:511 | Comments:0 | Tags:Breaking News Cyber Crime Malware brute force Cybercrime LIN

Russian Man Pleads Guilty to Orchestrating Ebury Botnet Conspiracy

A Russian man has pleaded guilty to helping to create and operate a botnet of tens of thousands of machines infected with Ebury malware.On 28 March 2017, Maxim Senakh, 41, of Velikii Novgorod, Russia pleaded guilty to a conspiracy to violate the Computer Fraud and Abuse Act and conspiracy to commit wire fraud. Law enforcement originally indicted Senakh on 13
Publish At:2017-03-29 19:45 | Read:454 | Comments:0 | Tags:Latest Security News Fraud Linux malware

CVE-2017-2636 Linux kernel flaw was spotted after seven years and quickly fixed

A flaw recently fixed in the Linux kernel tracked as CVE-2017-2636 might have been exploited to gain privilege escalation or cause a DoS condition. The security expert Alexander Popov from Positive Technologies has discovered a race condition in the n_hdlc driver that might be exploited by attackers for privilege escalation in the operating system. The vuln
Publish At:2017-03-16 19:55 | Read:737 | Comments:0 | Tags:Breaking News Hacking CVE-2017-2636 kernel flaw LINUX

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud