HackDig : Dig high-quality web security articles for hacker

Zerodium is offers $1 Million for Tor Browser Exploits

The company ZERODIUM announced it will pay up to $1 million for fully working zero day exploits for Tor Browser on Tails Linux and Windows OSs. The zero-day broker Zerodium offers $1 million for Tor Browser exploits with the intent to unmask Tor users. The controversial firm will then resell the zero-day exploit for Tor browser to law enforcement and governm
Publish At:2017-09-14 03:50 | Read:196 | Comments:0 | Tags:Breaking News Deep Web Hacking Bug Bounty exploits Pierluigi

Expert disclosed 10 zero-day vulnerabilities in D-Link DIR 850L wireless routers

The security researcher Pierre Kim has discovered ten critical zero-day vulnerabilities in D-Link DIR 850L routers and invites users to stop using them. The security researcher Pierre Kim has discovered ten critical zero-day vulnerabilities in routers from networking equipment manufacturer D-Link that open owners to cyber attacks. The flawed devices are the
Publish At:2017-09-11 20:30 | Read:267 | Comments:0 | Tags:Breaking News Hacking backdoor D-Link DIR 850L wireless rout

Zerodium payouts for Messaging, Email App Exploits are $500,000

Zerodium payouts include up to $500,000 for RCE and privilege escalation vulnerabilities affecting popular instant messaging and email applications. The zero-day and exploit broker Zerodium, founded by former VUPEN co-founder Chaouki Bekrar, offers $500,000 for a zero-day exploit in secure messaging Messaging (i.e. such as WhatsApp, Signal, Facebook Messenge
Publish At:2017-08-25 12:20 | Read:199 | Comments:0 | Tags:Breaking News Hacking zero-Day Zerodium payouts exploit

Experts at ZDI reported two critical Zero-Day flaws in Foxit PDF Reader

Experts found two critical zero-day flaws in the Foxit PDF Reader that could be exploited by attackers to execute arbitrary code on a targeted computer Security researchers have discovered two critical zero-day vulnerabilities in the popular Foxit Reader application that could be exploited by attackers to execute arbitrary code on a targeted computer, if no
Publish At:2017-08-22 13:35 | Read:199 | Comments:0 | Tags:Breaking News Hacking Foxit PDF Reader RCE ZDI zero-Day

Tor launches Bug Bounty Program, hackers can earn between $2,000 and $4,000 for high severity flaws

The Tor Project announced the launch of a public bug bounty program. Bug hunters can earn between $2,000 and $4,000 for high severity flaws. It’s official, the Tor Project announced the launch of a public bug bounty program through the HackerOne platform, the initiative was possible with support from the Open Technology Fund. “With support from t
Publish At:2017-07-20 22:05 | Read:321 | Comments:0 | Tags:Breaking News Deep Web Digital ID Hacking anonymity privacy

The Stuxnet vulnerability is still one of the most exploited flaws in the wild by hackers

A new report published by Kaspersky confirms that Stuxnet exploits targeting a Windows Shell Vulnerability is still widely adopted by threat actors. The case that I’m going to present you demonstrates the importance of patch management and shows the effects of the militarization of the cyberspace. Unpatched software is an easy target for hackers that c
Publish At:2017-04-21 17:25 | Read:554 | Comments:0 | Tags:Uncategorized CVE-2010-2568 Kaspersky malware state sponsore

Cisco warns of two critical issues in IOS and Apache Struts

Cisco issued two “critical” security advisories, one for Cisco IOS and Cisco IOS XE Software, another for a flaw affecting Apache Struts 2. Today Cisco issued two “critical” security advisories, the first one for Cisco IOS and Cisco IOS XE Software, the second one for the recently discovered flaw affecting Apache Struts 2. The vulnerability in Cisco IOS affe
Publish At:2017-04-17 02:55 | Read:651 | Comments:0 | Tags:Breaking News Hacking Apache Struts CVE-2017-5638 RCE zero-D

Over 8.3 million live websites using IIS 6.0 are affected by a Zero-Day

Millions of websites are affected by a buffer overflow zero-day vulnerability, tracked as CVE-2017-7269, that resides in the IIS 6.0. The II6 6.0 zero-day flaw was discovered by two researchers with the Information Security Lab & School of Computer Science & Engineering, South China University of Technology Guangzhou, China who published a PoC code e
Publish At:2017-03-29 21:35 | Read:515 | Comments:0 | Tags:Breaking News Hacking IIS 6.0 flaw Microsoft zero-Day

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2

Canada Revenue Agency confirmed it shut down its website for filing federal taxes due to a cyber attack leveraging the CVE-2017-5638 flaw in Apache Struts 2 The Canada Revenue Agency (CRA) confirmed it shut down its website for filing federal taxes after hackers broke into the server at the nation’s statistics bureau. The security breach occurred last
Publish At:2017-03-14 12:30 | Read:936 | Comments:0 | Tags:Breaking News Hacking Apache Struts Apache Struts 2 Canada R

Patch Apache Struts 2 Now! Hackers are exploiting a remote code execution zero-day in the wild

Researchers have spotted a remote code execution zero-day in Apache Struts 2, the flaw has being exploiting by that threat actors in the wild. Security researchers have spotted a remote code execution zero-day, tracked as CVE-2017-5638, in Apache Struts 2, and the bad news is that threat actors in the wild are already exploiting it. According to the experts
Publish At:2017-03-09 18:50 | Read:805 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Apache Struts CVE-2017-563

US-CERT is warning about a Windows SMB zero-day flaw

The US-CERT issued a security advisory to warn of a zero-day memory corruption vulnerability in the SMB (Server Message Block) protocol that can be exploited by a remote attacker. The US-CERT is warning of a zero-day memory corruption vulnerability in the SMB (Server Message Block) protocol that can be exploited to cause a denial of service condition or exec
Publish At:2017-02-04 10:50 | Read:1084 | Comments:0 | Tags:Breaking News Hacking SMB Windows zero-Day

The Plone community claims the FBI hack is a fake, it’s a mystery

CyberZeist claims that he hacked the FBI’s website exploiting a zero-day flaw in Plone, but the Plone security team declared the FBI hack is a hoax. Security Affairs was probably the first blog to spread the news of the alleged FBI hack. I was contacted by the notorious hacker CyberZeist, he is very popular in the hacking community due to his past hacks. Cyb
Publish At:2017-01-06 18:30 | Read:1178 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime CyberZeist data

Adobe patches multiple flaws including a Flash Zero-Day exploited in the wild

Adobe issued security patches that address multiple flaws in 9 products, including fixes for zero-day vulnerabilities that has been exploited in the wild. Adobe has issued security updates to fix vulnerabilities in nine products, including patches for zero-day flaws that has been exploited in targeted attacks. The version 24.0.0.186 of Flash Player addresses
Publish At:2016-12-13 19:45 | Read:1164 | Comments:0 | Tags:Breaking News Hacking Adobe Adobe Flash CVE-2016-7892 securi

SCADA Sssh! Don’t Talk, Filter it

The effects of cyber-attacks against SCADA/ICS are well known, however, there is a great confusion when dealing with mitigation techniques. The Majority are aware of the impact cyber-attacks can have on Industrial Control Systems however, the reality in terms of mitigation techniques are shrouded with confusion and a reactive approach. Recent 0-day vulnerabi
Publish At:2016-11-10 06:35 | Read:1062 | Comments:0 | Tags:Breaking News Hacking Havex ICS Panel Shock SCADA stuxnet ze

Microsoft patches CVE-2016-7255 Windows zero-day exploited by Fancy Bear

Microsoft has issued a security patch that fixes the zero-day vulnerability tracked as CVE-2016-7255 exploited by Russian hackers. Microsoft has issued security patches that fixed also the zero-day vulnerability exploited by Russian hackers. One of the zero-days tracked as CVE-2016-7255  has been patched in the MS16-135 bulletin that also addresses two infor
Publish At:2016-11-09 12:15 | Read:1277 | Comments:0 | Tags:Breaking News Hacking Security CVE-2016-7255 Google Kernet W

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud