HackDig: Dig high-quality web security articles for hackers

ZNIU, the first Android malware family to exploit the Dirty COW vulnerability

Security experts at Trend Micro have recently spotted a new strain of Android malware, dubbed ZNIU, that exploits the Dirty COW Linux kernel vulnerability. The Dirty COW vulnerability was discovered by the security expert Phil Oester in October 2016; it can be exploited by a local attacker to escalate privileges. The name ‘Dirty COW’ is due to
Publish At:2017-09-27 05:25 | Read:1415 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android CVE-2016-51

Experts spotted Triada Trojan in firmware of low-cost Android smartphones

Malware researchers at the Russian anti-virus firm Dr.Web have spotted the Triada Trojan in the firmware of several low-cost Android smartphones. Another case of pre-installed malware makes the headlines: malware researchers at the Russian anti-virus firm Dr.Web have spotted the Triada Trojan in the firmware of several low-cost Android smartphones, including
Publish At:2017-07-29 17:25 | Read:1015 | Comments:0 | Tags:Breaking News Malware Mobile Android malware mobile pre-inst

With this PHP rootkit you can take over a server hiding it in PHP server modules

The Dutch developer Luke Paris has created a PHP rootkit that hides in PHP server modules; he also explained why it is more dangerous than classic rootkits. The Dutch developer Luke Paris has created a rootkit that hides in PHP server modules that could be used by attackers to take over web servers. While classic rootkits work on the lowest levels of the opera
Publish At:2017-06-17 22:10 | Read:1126 | Comments:0 | Tags:Breaking News Hacking malware PHP rootkit rootkit

Backdoor keys allow attackers to bypass UEFI Secure Boot

Once again Microsoft failed in fixing a severe Secure Boot vulnerability that can be exploited to install rootkits on Windows devices. Microsoft has accidentally leaked the secret keys to bypass UEFI Secure Boot. Secure Boot is a UEFI (Unified Extensible Firmware Interface) feature that should prevent the execution of unauthorized code during the boot
Publish At:2016-08-11 05:55 | Read:1795 | Comments:0 | Tags:Breaking News Hacking Microsoft rootkit Secure Boot UEFI Uni

SyScan360 Singapore 2016 slides and exploit code

The exploit for the bug I presented last March at SyScan360 is today one year old, so I decided to release it. I wasn’t sure if I should do it or not, since it can be used in the wild, but Google Project Zero also released a working version, so it doesn’t really make a difference. I’m also publishing here the final version of the slides that di
Publish At:2016-04-28 00:35 | Read:1309 | Comments:0 | Tags:Security exploit rootkit vulnerability

Triada Trojan the most sophisticated mobile malware seen to date

Kaspersky Lab recently spotted a new Android malware dubbed Triada Trojan, which they say is the most advanced mobile malware seen to date. Malware researchers at Kaspersky Lab have discovered a new strain of malware, dubbed Triada (Backdoor.AndroidOS.Triada), targeting Android devices, which they consider the most advanced mobile threat seen to date. The r
Publish At:2016-03-10 23:15 | Read:1505 | Comments:0 | Tags:Breaking News Malware Mobile Android Cybercrime malware mobi

London and Asia EFI monsters tour!

Finally back home from the China and Japan tour, so it’s time to finally release the updated slides about EFI Monsters. After Secuinside I updated them a bit, fixing stuff I wasn’t happy with and adding some new content. The updated version was first presented at 44CON London. I had serious reservations about going to the UK (not even in transit!) bu
Publish At:2016-01-24 20:35 | Read:1022 | Comments:0 | Tags:Mac Reversing Security backdoor EFI rootkit

Yet more malicious software found on Lenovo PCs

The Chinese computer manufacturer Lenovo has been caught once again using a hidden Windows feature to preinstall an unwanted and unremovable rootkit. Lenovo has been accused several times of supplying equipment for the networks of the intelligence and defense services of various countries that allowed the Chinese Government to run espion
Publish At:2015-08-13 10:50 | Read:1084 | Comments:0 | Tags:Breaking News Hacking espionge Lenovo rootkit spyware

Lenovo Hit With Criticism Over Second Rootkit-Like Utility

Lenovo is under fire again for installing a covert utility on laptops and desktops that some users have compared to a rootkit. The issue stems from a utility called the Lenovo Service Engine, which is designed to collect some system information and send it to Lenovo at the time the machine connects to the Internet. But some Lenovo users discovered that even af
Publish At:2015-08-13 10:10 | Read:1896 | Comments:0 | Tags:Malware Vulnerabilities Lenovo malware rootkit Superfish

Thunderstrike 2 rootkit infects Mac firmware

A security researcher developed an improved version of the Thunderstrike rootkit that uses Thunderbolt accessories to infect the Mac firmware. Earlier this year, security expert Trammell Hudson presented a proof-of-concept firmware called Thunderstrike. Thunderstrike is a hacking technique to infect Apple’s Mac PCs with EFI Bo
Publish At:2015-08-05 10:15 | Read:1206 | Comments:0 | Tags:Breaking News Hacking Malware Apple malware rootkit Thunderb

Hacking Team will be back to business soon

The Hacking Team CEO David Vincenzetti announced that the popular surveillance company will be back to business very soon, but experts have many doubts. After the embarrassing data breach suffered by the Hacking Team, the surveillance company plans to rebuild the “empire”. The hackers likely haven’t stolen the enti
Publish At:2015-07-15 07:40 | Read:1238 | Comments:0 | Tags:Breaking News Hacking Intelligence Laws and regulations Malw

Hacking Team Spyware uses a UEFI BIOS Rootkit to gain persistence

Documents leaked online after the Hacking Team hack revealed that the company used a UEFI BIOS rootkit to gain persistence for its spyware software. The recent data breach suffered by the surveillance firm Hacking Team is shocking the IT security industry: the hackers leaked company emails, source code and contracts reveali
Publish At:2015-07-15 07:40 | Read:1424 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Intelligence Malware Explo

Rootkits: User Mode & Kernel Mode

In this article, we will learn about what rootkits are and how they operate. The focus will be on two types of rootkits, User Mode and Kernel Mode, and on the various ways in which rootkits operate in each mode. In this part we will learn about the ‘Rootkit Category: User-Mode’ only. What are Rootkits? Rootkits are a collection of
Publish At:2015-07-10 23:10 | Read:1113 | Comments:0 | Tags:General Security Hacking general security rootkit

Prince Harming and Dark Jedi Sent Packing by Apple’s Latest OS X Update

Earlier this week, Apple released updates for OS X and iOS, incorporating a raft of security patches. (What is the correct collective noun for patches anyway? A quilt?) Amongst the fixes was a patch for the boobytrapped message that mischief-makers could send to your iPhone to cause it to crash. So, if you didn't find the idea of your friends and enemies rem
Publish At:2015-07-02 18:30 | Read:1878 | Comments:0 | Tags:Apple Malware Dark Jedi EFI Mac EFI Security Update 2015-001

Reversing Prince Harming’s kiss of death

The suspend/resume vulnerability disclosed a few weeks ago (named Prince Harming by Katie Moussouris) turned out to be a zero day. While (I believe) its real-world impact is small, it is nonetheless a critical vulnerability and (another) spectacular failure from Apple. It must be noted that firmware issues are not Apple exclusive. For example, Gigabyte shi
Publish At:2015-06-30 20:50 | Read:3638 | Comments:0 | Tags:Mac Reversing Security EFI patches rootkit vulnerability