HackDig : Dig high-quality web security articles for hackers

Cybercriminals are Bypassing Multi-factor Authentication to Access Organisation’s Cloud Services

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks.According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work remotely w
Publish At:2021-01-14 12:02 | Read:110 | Comments:0 | Tags:Featured Articles Cloud cyber bypassing

Bypassing Windows SmartScreen

God, its been forever since I made an update. I figured if I was to make an update after more than a year’s absence, it better damned well be a good fucking update. Feels like the last time I updated this blog OK, so Smart Screen is a windows defender utility that comes with Windows 10. It pops up a warning if you attempt to run a binary that is
Publish At:2020-12-19 05:27 | Read:257 | Comments:0 | Tags:Uncategorized 0day dll smartscreen bypassing

Windows TCPIP Finger Command / C2 Channel and Bypassing Security Software

[+] Title: Windows TCPIP Finger Command - C2 Channel and Bypassing SecuritySoftware[+] Credits: John Page (aka hyp3rlinx)[+] Website: hyp3rlinx.altervista.org[+] Source:http://hyp3rlinx.altervista.org/advisories/Windows_TCPIP_Finger_Command_C2_Channel_and_Bypassing_Security_Software.txt[+] twitter.com/hyp3rlinx[+] ISR: ApparitionSecMicrosoft Windows TCPIP Fi
Publish At:2020-09-12 04:08 | Read:533 | Comments:0 | Tags: security bypassing

New Attacks Allow Bypassing EMV Card PIN Verification

Researchers with ETH Zurich have identified vulnerabilities in the implementation of the payment card EMV standard that allow for the mounting of attacks targeting both the cardholder and the merchant.In a newly published paper, David Basin, Ralf Sasse, and Jorge Toro-Pozo from the department of computer science at ETH Zurich, explain that vulnerabilities id
Publish At:2020-08-28 15:01 | Read:500 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Identity &

An interesting detail about Control Flow Guard

On Windows systems, before Windows 8.1 update 3, C code calling a function pointer used to be compiled to just a simple “call register” instruction; for example, in a 32bit process: call esi Starting with Windows 8.1 update 3, in all system libraries, it is more complicated: mov ecx, esi call ds:___guard_check_icall_fptr call
Publish At:2015-09-28 19:30 | Read:7673 | Comments:0 | Tags:Application Security Bypassing Mitigation Uncategorized

Tools

Tag Cloud