HackDig : Dig high-quality web security articles for hacker

Magnitude Exploit Kit Now Targeting South Korea With Magniber Ransomware

A new ransomware is being distributed by the Magnitude exploit kit: Magniber (detected by Trend Micro as RANSOM_MAGNIBER.A and TROJ.Win32.TRX.XXPE002FF019), which we found targeting South Korea via malvertisements on attacker-owned domains/sites. The development in Magnitude’s activity is notable not only because it eschewed Cerber—its usual ransomware paylo
Publish At:2017-10-21 18:05 | Read:76 | Comments:0 | Tags:Bad Sites Exploits Ransomware CERBER CVE-2016-0189 Locky Ran

BlackOasis APT and new targeted attacks leveraging zero-day exploit

More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com Introduction Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the vendor in a responsible manner and provide all the details require
Publish At:2017-10-21 15:05 | Read:92 | Comments:0 | Tags:Featured Research Adobe APT Microsoft Word Vulnerabilities a

Zero-Day flaws in 3 WordPress Plugins being exploited in the wild

Security experts at Wordfence reported that Zero-Day vulnerabilities in three different WordPress plugins have been exploited in the wild. Zero-day vulnerabilities in several WordPress plugins have been exploited by threat actors in the wild to hack vulnerable websites and deliver backdoors, the alarm was launched by security firm Wordfence. The attackers ha
Publish At:2017-10-04 22:40 | Read:127 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime plugin Wordpres

Google publishes PoC Exploit code for iPhone Wi-Fi Chip hack

Google disclosed details and a proof-of-concept exploit for iPhone Wi-Fi firmware vulnerability affecting Broadcom chipsets in iOS 10 and earlier. This week Google disclosed details and a proof-of-concept exploit for a Wi-Fi firmware vulnerability affecting Broadcom chipsets in iOS 10 and earlier. The flaw that was patched this week could be exploited by att
Publish At:2017-09-27 23:55 | Read:158 | Comments:0 | Tags:Breaking News Hacking Mobile CVE-2017-11120 iPhone mobile Wi

ZNIU, the first Android malware family to exploit the Dirty COW vulnerability

Security experts at Trend Micro have recently spotted a new strain of Android malware, dubbed ZNIU, that exploits the Dirty COW Linux kernel vulnerability. The Dirty COW vulnerability was discovered by the security expert Phil Oester in October 2016, it could be exploited by a local attacker to escalate privileges. The name ‘Dirty COW’ is due to
Publish At:2017-09-27 05:25 | Read:228 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android CVE-2016-51

Oracle releases security patches for Apache Struts CVE-2017-9805 Flaw exploited in the wild

Oracle fixed several issues in the Apache Struts 2 framework including the flaw CVE-2017-9805 that has been exploited in the wild for the past few weeks. Oracle has released patches for vulnerabilities affecting many of its products, the IT giant has fixed several issues in the Apache Struts 2 framework, including the flaw CVE-2017-9805 that has been exploit
Publish At:2017-09-26 11:00 | Read:173 | Comments:0 | Tags:Breaking News Security CVE-2017-9805 Hacking RCE flaw REST S

ZNIU: First Android Malware to Exploit Dirty COW Vulnerability

By Jason Gu, Veo Zhang, and Seven Shen We have disclosed this security issue to Google, who verified that they have protections in place against ZNIU courtesy of Google Play Protect. The Linux vulnerability called Dirty COW (CVE-2016-5195) was first disclosed to the public in 2016. The vulnerability was discovered in upstream Linux platforms such as Redhat,
Publish At:2017-09-25 23:15 | Read:143 | Comments:0 | Tags:Bad Sites Malware Mobile Vulnerabilities android Dirty COW L

Retefe banking Trojan leverages EternalBlue exploit to infect Swiss users

Cyber criminals behind the Retefe banking Trojan have improved it by adding a new component that uses the NSA exploit EternalBlue. ETERNALBLUE is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack and NotPetya massive attacks. ETERNALBLUE targets the SMBv1 protocol and it has become widely adopted in the community of mal
Publish At:2017-09-24 03:40 | Read:218 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware banking trojan Ete

Kernel Exploitation-Part 3

Over the last two articles of this series, we have come a long way around kernel exploitation. We started with finding a buffer overflow in driver code to parsing of different structures to steal the token. In the final part of this series, we will combine the whole parts plus provide some finishing touches to complete the exploit.In last part of this
Publish At:2017-09-21 00:25 | Read:155 | Comments:0 | Tags:Hacking exploit

Hackers exploit an undocumented Word feature for user fingerprinting

Kaspersky researchers discovered a new attack technique leveraging an undocumented Word feature to gather information on users. Kaspersky researchers discovered a new attack technique leveraging Microsoft Word documents to gather information on users. The technique is innovative because it doesn’t use active content such as macros or exploits, it exploits an
Publish At:2017-09-19 13:05 | Read:125 | Comments:0 | Tags:Breaking News Hacking undocumented Word Word exploit

Researchers demonstrate how to steal Bitcoin by exploiting SS7 issues

Hackers have exploited security weaknesses in SS7 protocol to break into a GMail account, take control of a bitcoin wallet and steal funds. In June 2016, researchers with Positive Technologies demonstrated that it is possible to hack Facebook accounts by knowing phone numbers by exploiting a flaw in the SS7 protocol. The technique allows bypassing any securi
Publish At:2017-09-19 13:05 | Read:163 | Comments:0 | Tags:Breaking News Hacking Bitcoin mobile SS7 two-factor authenti

Kernel Exploitation: Advanced

In Part 1 of this article series, we had reverse engineered the driver and identified buffer overflow vulnerability in it. In this part, we will cover the next step of developing the exploit, and for that, we will have to go through various structures and offset. Since this a kernel land exploitation, a typical MSFvenom shellcode will not work.The expl
Publish At:2017-09-18 17:00 | Read:130 | Comments:0 | Tags:Exploit Development exploit

Windows Kernel Exploitation- Part 1

In this article series, we will learn about kernel exploitation using a driver HackSysExtremeVulnerableDriver built by Ashfaq Ansari. The driver has many vulnerabilities built into it, and we will try and exploit all of them in this series. In this part, we will work on identifying the buffer overflow vulnerability present in the driver and try to expl
Publish At:2017-09-15 15:10 | Read:180 | Comments:0 | Tags:Hacking exploit

Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

The IBM X-Force Vulnerability Database (XFDB), which holds over 100,000 publicly disclosed vulnerabilities, is chock-full of insights concerning the cybersecurity threat landscape. Much of the data is publicly available directly on the IBM X-Force Exchange platform and can be accessed by users anytime. In reviewing the database on an ongoing basis, the IBM
Publish At:2017-09-14 21:10 | Read:250 | Comments:0 | Tags:Advanced Threats Endpoint Threat Intelligence X-Force Resear

Zerodium is offers $1 Million for Tor Browser Exploits

The company ZERODIUM announced it will pay up to $1 million for fully working zero day exploits for Tor Browser on Tails Linux and Windows OSs. The zero-day broker Zerodium offers $1 million for Tor Browser exploits with the intent to unmask Tor users. The controversial firm will then resell the zero-day exploit for Tor browser to law enforcement and governm
Publish At:2017-09-14 03:50 | Read:213 | Comments:0 | Tags:Breaking News Deep Web Hacking Bug Bounty exploits Pierluigi


Share high-quality web security related articles with you:)


Tag Cloud