HackDig : Dig high-quality web security articles for hacker

ZNIU, the first Android malware family to exploit the Dirty COW vulnerability

Security experts at Trend Micro have recently spotted a new strain of Android malware, dubbed ZNIU, that exploits the Dirty COW Linux kernel vulnerability. The Dirty COW vulnerability was discovered by the security expert Phil Oester in October 2016; it could be exploited by a local attacker to escalate privileges. The name ‘Dirty COW’ is due to
Publish At:2017-09-27 05:25 | Read:365 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android CVE-2016-51

Microsoft confirmed it won’t fix kernel issue that could be exploited to evade antivirus

A design flaw within the Windows kernel could be exploited by attackers to evade antivirus products and stop them from recognizing malware. The flaw is the root cause of antivirus products failing to recognize malware, and the bad news is that Microsoft won’t fix it because the tech giant doesn’t consider it a security issue
Publish At:2017-09-09 05:30 | Read:286 | Comments:0 | Tags:Breaking News Hacking kernel Microsoft PsSetLoadImageNotifyR

Zimperium researcher released an iOS Kernel Exploit PoC

Zimperium Researcher Adam Donenfeld released an iOS Kernel Exploit PoC that can be used to gain full control of iOS mobile devices. Researcher Adam Donenfeld of mobile security firm Zimperium published a Proof-of-concept (PoC) for recently patched iOS vulnerabilities that can be chained to gain full control of iOS mobile devices. The expert called the PoC ex
Publish At:2017-08-28 14:00 | Read:436 | Comments:0 | Tags:Breaking News Hacking Mobile Apple iOS Kernel Exploit kernel

Zero-Day Exploits – Your Days are Numbered! [infographic]

News stories involving zero-day Windows kernel exploits seemingly never end. Fresh examples abound with alarming regularity and devastating effects, often involving defects with a dwell time of many months before they are formally addressed by patch updates. Despite a sustained focus by Microsoft on improving cybersecurity top to bottom, dubious new records
Publish At:2017-04-21 22:10 | Read:931 | Comments:0 | Tags:Threats backlog exfiltrate kernel microsoft NSA operating sy

CVE-2016-7461 code execution flaw affects VMware Workstation

VMware has patched a critical out-of-bounds memory access vulnerability, tracked as CVE-2016-7461, affecting its Workstation and Fusion products. The flaw, which resides in the drag-and-drop function, can be exploited by attackers to execute arbitrary code on the host operating system running Fusion or Workstation. The security vulnerability affec
Publish At:2016-11-15 08:15 | Read:1436 | Comments:0 | Tags:Breaking News Hacking 2016 PwnFest CVE-2016-5195 CVE-2016-74

Shut up snitch! – reverse engineering and exploiting a critical Little Snitch vulnerability

Little Snitch was among the first software packages I tried to reverse and crack when I started using Macs. In the past I reported some weaknesses related to their licensing scheme but I never audited their kernel code since I am not a fan of I-O Kit reversing. The upcoming DEF CON presentation on Little Snitch re-sparked my curiosity last week and it was fi
Publish At:2016-07-23 01:05 | Read:1534 | Comments:0 | Tags:Mac Reversing Security kauth kernel socket filters vulnerabi

Zimperium Applauds Google’s Rapid Response to Unpatched Kernel Exploit

On March 15th, Zimperium’s zIPS Mobile Threat Protection solution identified a zero-day mobile attack and its zLabs research team immediately reported the exploit to the Android Security Team. The reported attack is delivered via a publicly-available rooting application, KingRoot, using an unpatched local elevation of privilege vulnerability in the ker
Publish At:2016-03-25 13:25 | Read:1249 | Comments:0 | Tags:Mobile Malware Mobile security Research Android cve 2015-180

Linux bug imperils tens of millions of PCs, servers, and Android phones

For almost three years, millions of servers and smaller devices running Linux have been vulnerable to attacks that allow an unprivileged app or user to gain nearly unfettered root access. Major Linux distributors are expected to fix the privilege escalation bug this week, but the difficulty of releasing updates for Android handsets and embedded devices means
Publish At:2016-01-20 07:40 | Read:1319 | Comments:0 | Tags:Risk Assessment Technology Lab android embedded devices expl

Flipping bits in the Windows Kernel

Recently, the MS15-061 bulletin has received some attention. This security bulletin includes patches for several Windows Kernel vulnerabilities, mainly related to win32k.sys. Details of one of them, discovered by Udi Yavo, have been very well covered. First, the same Udi Yavo published details about the Use After Free on a blog entry. Later, Dominic Wan
Publish At:2015-10-01 15:05 | Read:1131 | Comments:0 | Tags:metasploit windows kernel ms15-061

A debugging session in the kernel

Last week, an awesome paper about the MS15-078 vulnerability and its exploitation was published by Cedric Halbronn. This vulnerability, originally found and exploited by Eugene Ching, already has a work-in-progress module in Metasploit, which you can follow on GitHub. I recommend checking all the materials above, not only if you enjoy Windows kernel ex
Publish At:2015-09-11 01:05 | Read:2712 | Comments:0 | Tags:metasploit windows kernel ms15-078

Millions of Routers open to attack due to a NetUSB flaw

A simple vulnerability has been uncovered in the NetUSB component; millions of modern routers and other IoT devices are exposed to the risk of cyber attacks. The security expert Stefan Viehbock from SEC Consult Vulnerability Lab has reported a critical vulnerability (CVE-2015-3036) that potentially affects millions of routers a
Publish At:2015-05-20 22:25 | Read:1360 | Comments:0 | Tags:Breaking News Hacking DOS Internet of Things kernel LINUX Ne

Cutting-edge hack gives super user status by exploiting DRAM weakness

In one of the more impressive hacks in recent memory, researchers have devised an attack that exploits physical weaknesses in certain types of DDR memory chips to elevate the system rights of untrusted users of Intel-compatible PCs running Linux. The technique, outlined in a blog post published Monday by Google's Project Zero security initiative, works by rev
Publish At:2015-03-10 13:35 | Read:1454 | Comments:0 | Tags:Risk Assessment Technology Lab DDR3 DRAM escalation of privi

Linux hits 23 - the Time Machine that changed the world!

Linux reached the entirely respectable age of 23 this week, more or less. More or less 23, that is, not more or less respectable. 25 August 1991 was the day that a Finnish student named Linus Torvalds announced that he was working on a hobby operating system, and invited people to say what they'd like to see in it. Ironically, because his project didn't have a
Publish At:2014-08-27 19:50 | Read:1576 | Comments:0 | Tags:BlackBerry Featured kernel Linux microkernel minix QNX Tanen

How to reboot Linux automatically on Kernel Panic

Luckily this problem doesn’t happen very frequently, at least when using stable kernels and distributions, but sometimes your beloved Linux could go into “Kernel Panic”. A kernel panic is an action taken by an operating system upon detecting an internal fatal error from which it cannot safely recover. The term is largely specific to Unix and Unix-like
Publish At:2014-08-23 21:00 | Read:1531 | Comments:0 | Tags:Guides kernel Kernel Panic linux operating system sysctl Sys

A Short Tale About executable_stack in elf_read_implies_exec() in the Linux Kernel

by Alejandro Hernández @nitr0usmx. This is a short and basic analysis I did when I was uncertain about code execution in the data memory segment. Later on, I describe what’s happening in the kernel side as well as what seems to be a small logic bug. I’m not a kernel hacker/developer/ninja; I’m just a Linux user trying to figure out the reas
Publish At:2014-08-12 01:40 | Read:1832 | Comments:0 | Tags:Alejandro Hernandez asm code ELF ioactive kernel linux nitr0
