New “Roaming Mantis” Malware uses DNS Hijacking Attack to Hack Android Smartphones

Newly discovered malware called “Roaming Mantis” infiltrates Android smartphones using a technique known as DNS hijacking and steals sensitive information from victims' compromised Android devices. DNS hijacking is a type of malicious attack used to redirect users to a malicious website when they visit a website via compromised routers or attackers […]

Teen Exposes T-Mobile Flaw Allowing Mass Hijacking of User Accounts

Users of the popular cell phone carrier T-Mobile could have been in great trouble because British hacker researcher Kane Gamble identified a security flaw on the T-Mobile website that has been termed ‘critical.’ The flaw has already been reported to the firm and patched by T-Mobile. The yet unrevealed flaw is believed to be so […]

TrickBot Variant Steals Bitcoin by Hijacking Cryptocurrency Transactions

Another day, another malware – This time TrickBot’s variant is stealing Bitcoin by hacking cryptocurrency transactions. TrickBot malware, which emerged in late 2016, has taken the cyber world by storm. TrickBot is a type of destructive code offering a combo of redirection and web injection attacks. It does not directly attack banks or blockchains but […]

EMOTET Malware Hijacking the Windows API & Evade the Sandbox Analysis

The widespread EMOTET malware is emerging again with new stealthy capabilities to hijack the Windows API and evade sandbox detection, which also makes malware analysis more painful. A previous feature called RunPE was used for hiding malware in a legitimate process to evade security scanners and inject its code into a Windows executable process. In […]

Adware Installs InfoStealer Trojan that it loads via Chrome DLL Hijacking

A password stealing Trojan called AdService is being quietly distributed by adware bundles that typically install other programs such as Russian adware, extensions, clickers, adware, and fake system optimization programs. AdService uses Chrome DLL hijacking to load itself when Chrome is executed so that it can steal information from Facebook and Twitter accounts. AdService Executes via Chrome […]

Discovering a Session Hijacking Vulnerability in GitLab

GitLab is a widely used SaaS provider that focuses on developer-related issues, including Git repository management, issue tracking and code review. During a recent pen test of GitLab (I wanted to see if the service was a good fit to use at Incapsula), I was surprised to come across a vulnerability that leaves users exposed […]

Vault 7: CIA’s Dumbo Project Hijacking Webcams and Microphones

The Vault7 saga is far from over, and every passing week we are being introduced to a new set of tricks and tools that were allegedly used by the CIA for invading the privacy of security systems. CIA’s Dumbo Project is a system designed to manipulate Microphones, webcams and similar other devices installed on Microsoft […]

CookieCatcher – Tool For Hijacking Sessions Using XSS

CookieCatcher is an open source application that allows you to perform session hijacking (cookie stealing) through XSS (cross-site scripting). Features: prebuilt payloads to steal cookie data; just copy and paste a payload into an XSS vulnerability; will send an email notification when new cookies are stolen; will attempt to refresh cookies every 3 minutes to avoid inactivity […]

Bypassing AMSI via COM Server Hijacking

Microsoft’s Antimalware Scan Interface (AMSI) was introduced in Windows 10 as a standard interface that provides the ability for AV engines to apply signatures to buffers both in memory and on disk. This gives AV products the ability to “hook” right before script interpretation, meaning that any obfuscation or encryption has gone through their respective […]

VULNERABILITIES EXPOSE ORACLE OAM 10G TO REMOTE SESSION HIJACKING

Oracle’s next quarterly Critical Patch Update is slated for July 18, but two vulnerabilities in an older version of the company’s Oracle Access Manager (OAM) solution won’t be among the bugs patched. Version 10g of the software, Oracle’s solution for web access management and user administration, suffers from two issues: an open redirect vulnerability, and […]

SESSION HIJACKING, COOKIE-STEALING WORDPRESS MALWARE SPOTTED

Researchers have identified a strain of cookie-stealing malware injected into a legitimate JavaScript file that masquerades as a WordPress core domain. Cesar Anjos, a security analyst at Sucuri, a firm that specializes in WordPress security, came across the malware during an incident response investigation and described it in a blog post Tuesday. Anjos says […]

Cisco patches switch hijacking hole – the one exploited by the CIA

Telnet security flaw fix finally lands – or just use SSH, yeah? Cisco has patched a critical security flaw in its switches that can be potentially exploited by miscreants to hijack networks – a flaw disclosed in the Vault 7 leak of CIA files. Switchzilla says the vulnerability, CVE-2017-3881, can be exploited remotely by simply […]

HIJACKING WHATSAPP ACCOUNTS USING WHATSAPP WEB

WhatsApp accounts are based on phone numbers. This means your phone number is your username and it’s also used for authentication. While this is not perfect from a privacy standpoint, it saves the often non-technical user from having to remember yet another password that they could potentially reuse or, even worse, disclose through a phishing […]

A person Hijacking Unprotected MongoDB Databases for Ransom

Almost years back, we warned users about publicly accessible MongoDB instances – almost six hundred Terabytes (TB) – over the internet which require no authentication, probably leaving websites and servers liable to hacking. These MongoDB instances weren’t exposed because of any flaw in the software, but due to a misconfiguration (bad security practice) […]

Automated Ettercap TCP/IP Hijacking Tool – Morpheus

Morpheus is a framework tool which automates TCP/UDP packet manipulation tasks by using etter filters to manipulate target requests/responses under MitM attacks, replacing the TCP/UDP packet contents with our contents before forwarding the packet back to the target host. […]

Morpheus – Automated Ettercap TCP/IP Hijacking Tool

Morpheus is a framework tool which automates TCP/UDP packet manipulation tasks by using etter filters to manipulate target requests/responses under MitM attacks, replacing the TCP/UDP packet contents with our contents before forwarding the packet back to the target host. This tool comes with pre-configured filters but it will allow users to improve them when launching the […]

JSON hijacking for the modern web

Benjamin Dumke-von der Ehe found an interesting way to steal data cross-domain. Using JS proxies he was able to create a handler that could steal undefined JavaScript variables. This issue seems to be patched well in Firefox; however, I found a new way to enable the attack on Edge. Although Edge seems to prevent […]

BLOCKING LOCAL NETWORK HIJACKING ATTACKS

Adversaries who have compromised one system in a network frequently hijack the network traffic of other systems on the same subnet to intercept passwords, infect software downloads and updates, spy on browsing or email traffic, or launch other denial-of-service or man-in-the-middle attacks. The easiest and most common ways adversaries accomplish this is by responding to […]

OAUTH 2.0 HACK EXPOSES 1 BILLION MOBILE APPS TO ACCOUNT HIJACKING

Third-party applications that allow single sign-on via Facebook and Google and support the OAuth 2.0 protocol are exposed to account hijacking. Three Chinese University of Hong Kong researchers presented at Black Hat EU last week a paper called “Signing into One Billion Mobile App Accounts Effortlessly with OAuth 2.0.” The paper describes an attack that […]

Bitcoin Wallet Blockchain.info Recovers from DNS Hijacking Attack

At the time of writing, everything is back to normal. Blockchain.info, the largest web-based Bitcoin wallet, suffered a DNS hijacking attack today when users accessing the site were pointed to the wrong servers, exposing visitors to all sorts of attacks. The incident took place around 11:00 GMT when the site’s DNS information changed from CloudFlare […]