HackDig : Dig high-quality web security articles

Attacks on Ukraine communications are a major part of the war

p>Since the start of the Russian invasion of Ukraine, the war on the battlefield has been accompanied by cyber attacks. Those attacks against critical infrastructure have knocked out banking and defense platforms, mostly by targeting several communication systems. In a timeline set up by NetBlocks, you can follow individual attacks on communication servic
Publish At:2022-03-29 12:53 | Read:781 | Comments:0 | Tags:Reports communications ddos disruption iaea injection interf

[SANS ISC] Python DLL Injection Check

I published the following diary on isc.sans.edu: “Python DLL Injection Check“: They are many security tools that inject DLL into processes running on a Windows system. The classic examples are anti-virus products. They like to inject plenty of code that, combined with API hooking, implements security checks. If DLLs are injected into processes
Publish At:2021-07-07 08:22 | Read:1287 | Comments:0 | Tags:Python SANS Internet Storm Center Security Anti-debugging De

[SANS ISC] Defenders, Know Your Operating System Like Attackers Do!

I published the following diary on isc.sans.edu: “Defenders, Know Your Operating System Like Attackers Do!“: Not a technical diary today but more a reflection… When I’m teaching FOR610, I always remind students to “RTFM” or “Read the F… Manual”. I mean to not hesitate to have a look at the Microsoft document when they meet an API c
Publish At:2021-03-17 08:13 | Read:1648 | Comments:0 | Tags:Malware SANS Internet Storm Center Security API Call FLOSS I

Injection Attacks: The Least Glamorous Attack Is One of the Most Threatening

Very little in life grabs our attention like a shiny new object. The gleam can be irresistible, the glitter mesmerizing. That’s how it is in cybersecurity, where the landscape is almost always dotted with alluringly novel hazards. Brand new threats, fresh twists on old threats — the shiny malicious objects just keep on coming, year in and year out. 201
Publish At:2017-11-02 13:10 | Read:8506 | Comments:0 | Tags:Threat Intelligence IBM Managed Security Services (MSS) IBM

The Educator’s Back-to-School Cybersecurity Checklist: Make Mitigating Command Injection a Priority

Pencils? Check. Notebooks? Check. Web applications and servers patched and sanitized? Hopefully. In many parts of the world, educators and students in primary, secondary and higher education institutions are reviewing their checklists to ensure academic preparedness for the new school year. But what about the education sector’s IT workers? What should
Publish At:2017-08-30 20:10 | Read:5886 | Comments:0 | Tags:Risk Management Threat Intelligence Academia Data Protection

Kapustkiy hacked the website of the Costa Rica Embassy in China

The popular hacker Kapustkiy continues to target websites of embassies across the world, the last victim is the Costa Rica Embassy in China. The hacker Kapustkiy continues its string of hack, today he announced a news data breach, the victim is the Costa Rica Embassy in China. Kapustkiy accessed a database containing 280 login credentials, but just published
Publish At:2016-12-23 01:45 | Read:5099 | Comments:0 | Tags:Breaking News Data Breach Hacking Costa Rica Embassy data br

Kapustkiy hacked the Slovak Chamber of Commerce

Kapustkiy announced the data breach of the Slovak Chamber of Commerce (www.scci.sk), more than 4,000 users record were accessed. New Week, new hack! This is Kapustkiy ‘s motto that announced the breach of the Slovak Chamber of Commerce (www.scci.sk). The popular hacker accessed data belonging to more than 4,000 users and published it on Pastebin. The h
Publish At:2016-12-20 00:00 | Read:5965 | Comments:0 | Tags:Breaking News Data Breach Hacking data breach Injection Slov

Android Native API Hooking with Library Injection and ELF Introspection.

This post can be considered both the part 2 of the previous "Dynamically inject a shared library into a running process on Android/ARM" and a proof of concept of the same, namely what can be done with library injection on Android. TL;DR I've updated the source code of the arminject project on github adding a library that once injected into a process will
Publish At:2015-05-04 23:30 | Read:9305 | Comments:0 | Tags:hooking api hooking library android injection elf relocation

Dynamically inject a shared library into a running process on Android/ARM

If you're familiar with Windows runtime code injection you probably know the great API CreateRemoteThread which lets us force an arbitrary running process to call LoadLibrary and load a DLL into its address space, this technique called DLL Injection is often used to perform user space API hooking, you can find a good post about it on Gianluca Braga's blog.
Publish At:2015-05-02 05:45 | Read:7434 | Comments:0 | Tags:hooking api hooking library android injection ptrace remote

75,000 GBP Fine For SQL Injection From ICO But With 90% Discount

Lancaster-based apartment booking company Worldview Limited has been fined under the Data Protection Act for allowing unauthorised access to customers' details. The company operates under two UK brands, Citybase Apartments and Central London Apartments.Although customers' payment details had been encrypted, the means to decrypt the information - known as the
Publish At:2014-11-07 09:15 | Read:11463 | Comments:0 | Tags:injection corrective technical SQL vulnerabilities data prot

OWASP Snakes and Ladders

In a month's time we will probably be in full office party season. I have been preparing something fun to share and use, that is an awareness document for application security risks and controls.Snakes and Ladders is a popular board game, with ancient provenance imported into Great Britain from Asia by the 19th century. The original game showed the effects o
Publish At:2014-11-06 06:15 | Read:7686 | Comments:0 | Tags:preventative data protection code injection business logic p

Ametys CMS 3.5.2 (lang parameter) XPath Injection Vulnerability

Input passed via the ‘lang’ POST parameter in the newsletter plugin is not properly sanitised before being used to construct a XPath query for XML data. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code. Advisory: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5162.php
Publish At:2014-08-13 01:56 | Read:8346 | Comments:0 | Tags:Internal advisory ametys CMS data injection manipulation rem

BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability

BoxBilling suffers from a stored cross-site scripting vulnerability. Input passed to the ‘message’ POST parameter thru the ‘Notification Center’ extension/module is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of a
Publish At:2014-08-13 01:56 | Read:7248 | Comments:0 | Tags:Internal advisory boxbilling cross-site html injection javas

Stark CRM v1.0 Multiple Script Injection And Session Riding Vulnerabilities

Multiple stored XSS and CSRF vulnerabilities exist when parsing user input to several POST parameters. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious w
Publish At:2014-08-13 01:55 | Read:6214 | Comments:0 | Tags:Internal advisory application crm csrf exploit flaw html inj


Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud