JavaScript Leads to Browser Hijacking

I came across this nasty-looking script that hijacks your browser. It appears to have been around in some shape or form since 2014 but this latest version deploys an aggressive tactic I’ve not seen before. Here’s what this script looks like: The script is composed of variables and functions but finding the beginning and ending […]

Linux bug leaves 1.4 billion Android users vulnerable to hijacking attacks

Off-path attack means malicious hackers can be located anywhere on the Internet. An estimated 80 percent of Android phones contain a recently discovered vulnerability that allows attackers to terminate connections and, if the connections aren’t encrypted, inject malicious code or content into the parties’ communications, researchers from mobile security firm Lookout said Monday. As Ars reported […]

Linux bug leaves USA Today, other top sites vulnerable to serious hijacking attacks

“Off-path” attack means hackers can be anywhere with no man-in-the-middle needed. Computer scientists have discovered a serious Internet vulnerability that allows attackers to terminate connections between virtually any two parties and, if the connections aren’t encrypted, inject malicious code or content into the parties’ communications. The vulnerability resides in the design and implementation of RFC […]

Hacker Compromises Fosshub to Distribute MBR-Hijacking Malware

Audacity and Classic Shell software downloads affected. A hacking crew that goes by the name of PeggleCrew has compromised Fosshub and embedded malware inside the files hosted on the website and offered for download. According to Cult of Peggle, one of the group’s four members, the team breached the website and embedded a malware payload inside some […]

Magento – Re-Installation & Account Hijacking Vulnerabilities

Before discovering my latest Magento RCE, I’ve found two different vulnerabilities, both resulting in the complete compromise of customer data and/or the server. As they are far less complicated, I’m presenting both of them in this single blog post for your convenience. Vulnerable Versions Magento EE & CE 2.x.x before 2.0.6. Re-Installation – Technical Description Some […]

Bypassing AMSI using PowerShell 5 DLL Hijacking

While doing some research on the inner workings of Microsoft's new Antimalware Scan Interface technology within Windows 10, I found a DLL loading vulnerability within PowerShell 5. The reason I did some research is because some offensive PowerShell scripts I use within my own Red Teaming tool called p0wnedShell are getting blocked by Windows Defender […]

USERLAND PERSISTENCE WITH SCHEDULED TASKS AND COM HANDLER HIJACKING

A while back I was exploring userland COM and stumbled across some 2011 research by Jon Larimer explaining the dangers of per-user COM objects. Recently Casey Smith (@subtee) started digging into COM and its implications as well, which motivated me to finish the research I had started. After some poking around, I found out that you […]

Chrome Extension Caught Hijacking Users’ Browsers

Google removes Chrome extension that hijacked Web browsers. Google has intervened and banned the Better History Chrome extension from the Chrome Web Store after users reported that it started taking over their browsing experience and redirecting them to pages showing ads. First signs that something was wrong appeared when users updated from version 3.9.7 to 3.9.8 after […]

iCloud Account Hijacking Scam Is as Bad as Ransomware

Crook hijacks iCloud account, locks victim’s Mac. Crooks have discovered a method of turning Apple’s security features against the company’s users, hijacking Apple iCloud accounts and making them behave as ransomware, locking users out of their devices and data. An Apple customer reported this new novel attack scenario to US cyber-security vendor Malwarebytes, complaining about being locked […]

“Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive

Apps that use 3rd-party updater over insecure HTTP channels subject to MiTM attacks. Camtasia, uTorrent, and a large number of other Mac apps are susceptible to man-in-the-middle attacks that install malicious code, thanks to a vulnerability in Sparkle, the third-party software framework the apps use to receive updates. The vulnerability is the result of apps […]

DLL Hijacking Issue Plagues Products like Firefox, Chrome, iTunes, OpenOffice

Oracle patches Java installer against DLL hijacking issue. Oracle has released new Java installers to fix a well-known security issue (CVE-2016-0603) that also affects a plethora of other applications, from Web browsers to antivirus products, and from file compressors to home cinema software. The problem is called DLL hijacking (or DLL side-loading) and refers to the […]

How email in transit can be intercepted using DNS hijacking

This article looks at how an attacker can intercept and read emails sent from one email provider to another by performing a DNS MX record hijacking attack. While our research on the state of email delivery security indicates that this attack is less pervasive than the TLS downgrade attack, it is equally effective at defeating email […]

Remote Exploitation of Microsoft Office DLL Hijacking (MS15-132) via Browsers

A number of weeks back, security researcher Parvez Anwar posted a number of DLL hijacking vulnerabilities within Microsoft Office on Twitter [1]. The following week, Microsoft released MS15-132, which addressed some of these vulnerabilities, along with a large number of very similar bugs reported by others in various guises. [2] [3]. The vulnerabilities that were […]

DLL Hijacking Tutorial

DLL hijacking is a vulnerability that is caused by a misbehavior practiced by all versions of Windows. Many people believe that is a feature and not a bug because it was intended to be made this way by Microsoft. Basically, it works by creating a custom malicious DLL and putting it in the same directory of […]

HTTPSohopeless: 26,000 Telstra Cisco boxen open to device hijacking

Embedded device mayhem as rivals share keys. More than 26,000 Cisco devices sold by Australia’s dominant telco Telstra are open to hijacking via hardcoded SSH login keys and SSL certificates. The baked-in HTTPS server-side certificates and SSH host keys were found by Sec Consult during a study of thousands of router and Internet of Things […]

Ransomware: Cyber-hijacking Malware now has a new deadly face

Everything formidable is often associated with its negative half and the same can be said of the internet. The origins of functional internet can be traced back to the 1990s, the exact period of the origins of the early form of malware. Malware was then just a few lines of code in software that would […]