Browsing tag
Sonic and ultrasonic signals can be used by attackers to crash hard disk drives, OS. Security researchers from the University of Michigan and Zhejiang University in China have published a new research paper that reveals the latest generation of hard drives are more vulnerable to sonic and ultrasonic signals (inaudible to human) and may lead to crashing operating systems. […]
mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server. It does this by replying to DHCPv6 messages, providing victims with a link-local IPv6 address and setting the attackers host as default DNS server. As DNS server, mitm6 will selectively reply to DNS queries of the […]
Security researchers from Rhino Labs (a US-based cyber-security firm) have found that cyber criminals can use a Microsoft Word feature dubbed subDoc to fool Windows machines into handing over their NTLM hashes, which is the usual format in which user account credentials are saved. subDoc feature was created to load a document into the body of a […]
Security researchers from FireEye and Dragos have discovered a nasty piece of malware targeting industrial control systems (ICS). The malware (called “TRITON” and “TRISIS”) was discovered after it was used against a victim in the Middle East, and unintentionally led to an automatical shutdown of the industrial process. TRITON has been specially designed to target […]
Blockchain.info is a bitcoin cryptocurrency wallet and block explorer service. Started in August 2011, the service presents information on new transactions, mined blocks in the bitcoin Blockchain charts on the bitcoin economy, and statistics and resources for developers. Security researcher (Shashank) has discovered a critical vulnerability in blockchain.info, he was able to steal anyone’s bitcoin […]
Watering hole attacks attempt to infect more than 100 organizations in 31 different countries. Organizations in 31 countries have been targeted in a new wave of attacks which has been underway since at least October 2016. The attackers used compromised websites or “watering holes” to infect pre-selected targets with previously unknown malware. There has been […]