HackDig : Dig high-quality web security articles for hacker

Fileless cryptocurrency miner CoinMiner uses NSA EternalBlue exploit to spread

A new fileless miner dubbed CoinMiner appeared in the wild; it uses the NSA EternalBlue exploit and WMI tool to spread. A new strain of Cryptocurrency Miner dubbed CoinMiner appeared in the wild and according to the experts it is hard to detect and infects Windows PCs via EternalBlue NSA exploit. CoinMiner is a fileless malware that leverages the WMI (Windows Ma
Publish At:2017-08-22 13:35 | Read:64 | Comments:0 | Tags:Breaking News Cyber Crime Malware CoinMiner Cybercrime ETERN

New Disdain Exploit Kit Detected in the Wild

By Chaoying Liu and Joseph C. Chen The exploit kit landscape has been rocky since 2016, and we’ve observed several of the major players—Angler, Nuclear, Neutrino, Sundown—take a dip in operations or go private. New kits have popped up sporadically since then, sometimes revamped from old sources, but none have really gained traction. Despite that fact,
Publish At:2017-08-17 08:05 | Read:75 | Comments:0 | Tags:Exploits exploit kit exploit

The Disdain exploit kit appears in the threat landscape

The Disdain exploit kit is available for rent on a daily, weekly, or monthly basis for prices of $80, $500, and $1,400 respectively. The security researcher David Montenegro discovered a new exploit kit dubbed Disdain that is offered for rent on underground hacking forums by a malware developer using the pseudonym of Cehceny. Disdain Exploit Kit – New
Publish At:2017-08-15 12:50 | Read:174 | Comments:0 | Tags:Breaking News Cyber Crime Malware exploit

CVE-2017-0199: Crooks exploit PowerPoint Slide Show files to deliver malware

According to Trend Micro, cyber criminals abuse the CVE-2017-0199 vulnerability to deliver malware via PowerPoint Slide Show. In April Microsoft fixed the CVE-2017-0199 vulnerability in Office after threat actors had been exploiting it in the wild. Hackers leveraged weaponized Rich Text File (RTF) documents exploiting a flaw in Office’s Object Linking and E
Publish At:2017-08-15 12:50 | Read:114 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware CVE-2017-0199 malw

Jailbreak versus Compromise…

We see a lot of confusion in the market about precisely what it means to jailbreak a device–and that confusion could lead to serious problems, especially with regard to the notion of a hacker performing a jailbreak to attack a device. The security industry is notoriously full of acronyms, buzzwords and generally opaque jargon. Here at Zimperium, we try
Publish At:2017-08-08 13:55 | Read:170 | Comments:0 | Tags:iOS Mobile security Mobile Threat Defense Exploit jailbreak

Thick Client Penetration Testing – 3 (Java Deserialization Exploit: RCE)

Thick Client Penetration Testing – 3 (Java Deserialization Exploit: Remote Code Execution) Welcome Readers, in the previous two blogs, we have learnt about the various test cases as well as setting up traffic for thick clients using interception proxy. Among the plethora of test cases out here, one particularly interesting is about “Remote Code Execution on
Publish At:2017-08-05 02:15 | Read:275 | Comments:0 | Tags:News exploit

How 'PostScript' Exploits Networked Printers

At Black Hat 2017, a university researcher will demo how attackers can drill into networked printers by way of the ubiquitous PostScript programming language. Network printer exploits are like old dogs learning new tricks, according to a security researcher with Ruhr University. In his upcoming Black Hat presentation, Exploiting Network Printers, Jens Muller,
Publish At:2017-07-26 00:30 | Read:328 | Comments:0 | Tags: exploit

Expert exploited an unrestricted File Upload flaw in a PayPal Server to remotely execute code

The security researcher Vikas Anil Sharma exploited an unrestricted File Upload vulnerability in a PayPal Server to remotely execute code. The security researcher Vikas Anil Sharma has found a remote code execution vulnerability in a PayPal server. The expert was visiting the PayPal Bug Bounty page using the Burp software, below the response obtained opening
Publish At:2017-07-24 00:05 | Read:160 | Comments:0 | Tags:Breaking News Hacking hackig PayPal Server RCE unrestricted

A bug in Gnome pic parser can be exploited to run malicious VBScripts

A bug in your image thumbnailer could represent a new attack vector for hackers that can exploit it for script injection. Another day, another bug in a popular application. A bug in your image thumbnailer could represent a new attack vector for hackers that can exploit it for script injection. To create image thumbnails, Gnome Files allows users providing fi
Publish At:2017-07-20 22:05 | Read:261 | Comments:0 | Tags:Breaking News Hacking Gnome input validation VB script explo

ProMediads Malvertising and Sundown-Pirate Exploit Kit Combo Drops Ransomware and Info Stealer

With additional insights/analysis from Chaoying Liu We’ve uncovered a new exploit kit in the wild through a malvertising campaign we’ve dubbed “ProMediads”. We call this new exploit kit Sundown-Pirate, as it’s indeed a bootleg of its precursors and actually named so by its back panel. ProMediads has been active as early as 2016, employing Rig and Sundown exp
Publish At:2017-07-19 15:35 | Read:208 | Comments:0 | Tags:Bad Sites Exploits exploit kit LockPOS malvertising ProMedia

SHELLBIND IoT malware targets NAS devices exploiting SambaCry flaw

The seven-year-old remote code execution vulnerability SambaCry was exploited by the SHELLBIND IoT malware to target NAS devices. A new strain of malware dubbed SHELLBIND exploits the recently patched CVE-2017-7494 Samba vulnerability in attacks against Internet of Things devices. SHELLBIND has infected most network-attached storage (NAS) appliances, it exp
Publish At:2017-07-19 09:10 | Read:266 | Comments:0 | Tags:Cyber Crime Internet of Things Malware CVE-2017-7494 Hacking

Zero-Day Exploit Surfaces that May Affect Millions of IoT Users

A zero-day vulnerability dubbed Devil's Ivy is discovered in a widely used third-party toolkit called gSOAP. Millions of IoT devices relying on widely used third-party toolkit gSOAP could face a zero-day attack, security firm Senrio disclosed Tuesday, which dubbed the vulnerability Devil's Ivy. Senrio, which made the discovery when researching Axis security ca
Publish At:2017-07-19 02:20 | Read:109 | Comments:0 | Tags: exploit

Linux Users Urged to Update as a New Threat Exploits SambaCry 

by Mohamad Mokbel, Tim Yeh, Brian Cayanan A seven-year old vulnerability in Samba—an open-source implementation of the SMB protocol used by Windows for file and printer sharing—was patched last May but continues to be exploited. According to a security advisory released by the company, the vulnerability allows a malicious actor to upload a shared library to
Publish At:2017-07-18 21:10 | Read:168 | Comments:0 | Tags:Exploits Vulnerabilities exploit

Exploiting Windows authentication protocols – Part 01

SMB relay attack. Exploiting the weak Windows authentication protocols is on the top of the list for any adversary, because it mostly relies on a design flaw in the protocol itself, moreover, it is easy and could allow the adversary to get access to remote systems with almost no alert from most systems such as an IPS, AV, etc. In this series of articles,
Publish At:2017-07-07 19:30 | Read:242 | Comments:0 | Tags:Penetration Testing exploit

IoT Physical Attack Exploit to be Revealed at Black Hat

Security researcher Billy Rios plans to demonstrate how an exploit can cause an IoT device to launch a physical attack against a human. IoT devices are increasingly becoming ubiquitous, raising the stakes of physical harm to humans if exploits make these connected devices go rogue. One of the first examples of such an IoT exploit that will do just that is sla
Publish At:2017-07-07 14:10 | Read:208 | Comments:0 | Tags: exploit
