HackDig : Dig high-quality web security articles for hackers

Gitpaste-12 worm botnet returns with 30+ vulnerability exploits

Recently discovered Gitpaste-12 worm that spreads via GitHub and also hosts malicious payload on Pastebin, has returned with even more exploits.The first iteration of Gitpaste-12 shipped with reverse shell and crypto-mining capabilities and exploited over 12 known vulnerabilities, therefore the moniker.This time, the advanced wo
Publish At:2020-12-20 16:01 | Read:500 | Comments:0 | Tags:Security Technology Vulnerability exploit botnet

Proportion of Exploited Vulnerabilities Continues to Drop

While the number of identified vulnerabilities has increased significantly over the past years, the percentage of flaws that are exploitable or have actually been exploited has been dropping, according to vulnerability management company Kenna Security.The number of vulnerabilities that received a CVE identifier in 2011 was roughly 4,100, but the number has
Publish At:2020-12-14 10:11 | Read:231 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities exploit

PgMiner botnet exploits disputed CVE to hack unsecured PostgreSQL DBs

Researchers have discovered a botnet dubbed PgMiner that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner. Security researchers from Palo Alto Networks have discovered a new botnet, tracked as PgMiner, that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner. PostgreSQL, als
Publish At:2020-12-13 08:12 | Read:261 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking Malware LINUX m

IdeKode Local File Inclusion Exploiter

Original : https://cxsecurity.com/issue/WLB-2020080031Exploit: https://github.com/Proxysec/IDEKODE-LFI/blob/main/exploit.pyExploit raw:import requestsimport osdef banner(): print(f""""_________ ______ _______ _ _______ ______ _______ _ _______ ___________ __/( __ ( ____ | /( ___ )( __ ( ____ (
Publish At:2020-12-10 16:51 | Read:207 | Comments:0 | Tags: exploit

Expert published PoC exploit code for Kerberos Bronze Bit attack

The proof-of-concept exploit code for the Kerberos Bronze Bit attack was published online, it allows intruders to bypass authentication and access sensitive network services The proof-of-concept exploit code for the Kerberos Bronze Bit attack, tracked as CVE-2020-17049, was published online this week. The hacking technique could be exploited by attackers
Publish At:2020-12-10 14:25 | Read:264 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Windows Kerberos Bronze Bit attack gets public exploit, patch now

Proof-of-concept exploit code and full details on a Windows Kerberos security bypass vulnerability have been published earlier this week by Jake Karnes, the NetSPI security consultant and penetration tester who reported the security bug to Microsoft.The security bug tracked as CVE-2020-17049 and patched by Microsoft during November 2
Publish At:2020-12-10 14:13 | Read:198 | Comments:0 | Tags:Security Microsoft exploit

S3 Ep10: Hacking iPhones, sunken Enigmas and double scams

byPaul DucklinIn this episode, we dig into research that figured out a way to steal data from iPhones wirelessly; we tell the fascinating story of how environmentalist divers in Germany came across an old Enigma cipher machine at the bottom of the Baltic sea; and we give you advice on how to talk to phone scammers.With Kimberly Truong, Doug Aamoth and Paul D
Publish At:2020-12-10 10:43 | Read:305 | Comments:0 | Tags:Apple iOS Podcast Privacy Spam Cryptography enigma Exploit h

Cisco fixes exploitable RCEs in Cisco Security Manager

Cisco released security updates to fix multiple pre-authentication RCE flaws with public exploits affecting Cisco Security Manager. Cisco has released security updates to address multiple pre-authentication remote code execution vulnerabilities with public exploits affecting Cisco Security Manager (CSM). CSM provides a comprehensive management solution fo
Publish At:2020-12-07 18:20 | Read:165 | Comments:0 | Tags:Breaking News Security CISCO Cisco Security Manager Hacking

Russian Hackers Exploiting Recently Patched VMware Flaw, NSA Warns

Russian state-sponsored hackers have been exploiting a vulnerability that VMware patched recently in some of its products, the National Security Agency (NSA) warned on Monday.The vulnerability is tracked as CVE-2020-4006 and it has been found to impact the VMware Workspace ONE Access identity management product and some related components, including Identity
Publish At:2020-12-07 18:17 | Read:247 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Risk Management Vuln

Cisco fixes Security Manager vulnerabilities with public exploits

Cisco has released security updates to address multiple pre-authentication vulnerabilities with public exploits affecting Cisco Security Manager that could allow for remote code execution after successful exploitation.Cisco Security Manager helps manage security policies on a large assortment of Cisco security and network devices, and it also
Publish At:2020-12-07 16:01 | Read:203 | Comments:0 | Tags:Security exploit security

Russia-linked hackers actively exploit CVE-2020-4006 VMware flaw, NSA warns

The National Security Agency (NSA) warns that Russia-linked hackers are exploiting a recently patched VMware flaw in a cyberespionage campaign. The US National Security Agency has published a security alert warning that Russian state-sponsored hackers are exploiting the recently patched CVE-2020-4006 VMware flaw to steal sensitive information from their t
Publish At:2020-12-07 15:42 | Read:174 | Comments:0 | Tags:APT Breaking News Hacking Intelligence hacking news informat

NSA: Russian state hackers exploit new VMware vulnerability to steal data

The National Security Agency (NSA) warns that Russian state-sponsored threat actors are exploiting a recently patched VMware vulnerability to steal sensitive information after deploying web shells on vulnerable servers."NSA encourages National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators to
Publish At:2020-12-07 12:07 | Read:198 | Comments:0 | Tags:Security Vulnerability exploit hack

Common Container Manager Is Vulnerable to Dangerous Exploit

Container manager vulnerability is one of several weaknesses and vulnerabilities recently disclosed for Docker.A vulnerability in the way a common container management component spawns a service called a "shim" could allow unauthorized third parties to initiate containers with arbitrary contents and arbitrary permission levels.Related Content: Containers for
Publish At:2020-12-03 20:38 | Read:287 | Comments:0 | Tags: exploit

Impressive iPhone Exploit

This is a scarily impressive vulnerability: Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device­ — over Wi-Fi, with no user interaction required at all. Oh, and exploits were wormable­ — meaning radio-proximity e
Publish At:2020-12-02 16:44 | Read:227 | Comments:0 | Tags: exploit

How to steal photos off someone’s iPhone from across the street

byPaul DucklinWell-known Google Project Zero researcher Ian Beer has just published a blog post that is attracting a lot of media attention.The article itself has a perfectly accurate and interesting title, namely: An iOS zero-click radio proximity exploit odyssey.But it’s headlines like the one we’ve used above that capture the practical essence
Publish At:2020-12-02 15:31 | Read:429 | Comments:0 | Tags:Apple iOS Vulnerability Exploit hacking Ian Beer Project Zer

Tools

Tag Cloud