CVE – MrHacker

Vulnerabilities

Jan 29, 2019

Hackers Exploiting More than 9000 Cisco RV320/RV325 Routers After POC published in GitHub

Cybercriminals now actively exploiting 9,852 Cisco RV320/RV325 routers that are vulnerable to critical remote code execution vulnerabilities CVE-2019-1653, CVE-2019-1652. A vulnerability in the Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information from CVE-2019-1653, and a remote attacker with administrative privileges on an affected […]

root

Malware

Jan 26, 2019

Improved Fallout Exploit Kit – Now supports HTTPS and Flash exploit (CVE-2018-15982)

Fallout is an exploit kit (EK) first identified at the end of August 2018. It was first seen as a part of a malvertising campaign affecting users in Japan, Korea, the Middle East, Southern Europe, and others in the Asia Pacific. Fallout was observed exploiting vulnerabilities CVE-2018-4878 and CVE-2018-8174 and distributing the Gandcrab ransomware to […]

root

Ransomware

Jan 20, 2019

Hackers Launching Fallout Exploit Kit with New Flash Exploits That Delivers GandCrab Ransomware

One of the dangerous Fallout exploit kit now back to form with various new futures and delivering one of the widely distributed Ransomware GandCrab. Attackers using malvertising chain to ditributing the Fallout exploit kit since Jan 2015 via adult websites. Unlike past infection that discovered back to 2018, current distribution contain new futures including HTTPS […]

root

Vulnerability Analysis

Oct 30, 2017

cve-search – Perform Local Searches For Known Vulnerabilities

cve-search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilitate search and processing of CVEs. The main objective of the software is to avoid doing direct and public lookup into the public CVE databases. This is usually faster to do local lookups and limits […]

root

Vulnerabilities

Aug 11, 2017

Adobe Flash Player Bug that can Leak Windows User Credentials

Adobe published a new version of Flash player in the middle of this week covering the Security issues under CVE-2017-3085 that affects all the platforms of windows(Windows XP, Vista, 7, 8.x and 10). This flaw was identified by Security researcher Ruytenberg and it was derived from the old vulnerability(CVE-2016-4271) which Adobe patched on September 2016. […]

root

Vulnerabilities

Jul 11, 2017

Adobe patches Multiple Security Flaw in Flash Player and Adobe Connect

Adobe releases patches for critical security flaws which allows attackers to control your system. This bundle applies for Windows, Macintosh, Linux and Chrome OS. Flash Player Security Update – APSB17-21 These critical vulnerabilities affected Adobe Flash Player Desktop Runtime, Adobe Flash Player for Google Chrome running with versions of 26.0.0.131 and earlier, also Adobe Flash […]

root

Vulnerabilities

Jul 05, 2017

Multiple Vulnerabilities with Pre-installed Packages open Dell systems to Hack

Security experts from Talos discovered a couple of vulnerabilities in Dell Precision software which allow attackers to disable security mechanisms, escalate privileges and execute arbitrary code within the context of the application user. CVE-2016-9038 This vulnerability exists with Invincea-X, Dell Protected Workspace 6.1.3-24058 and attacker can trigger this vulnerability by sending crafted data to the […]

root

Vulnerabilities

Jun 01, 2017

Sources to Trace New Vulnerabilities

Vulnerability defined as the weakness that allows attacker to enter in and harm, it may be a flaw in design or misconfiguration. In order to exploit the vulnerability attacker should have applicable tool or technique that connect to the system weakness. National Vulnerability Database NVD is the U.S. government repository of standards based vulnerability management […]

root

Vulnerabilities

Mar 16, 2017

Drupal releases Security update for Multiple Vulnerabilities

Drupal is a content management software. It’s utilized to make a considerable amount of the websites and applications you utilize each day. Its tools help you to build the versatile, organized content that dynamic web experience require. Drupal is a platform the United States, London, France, and more use to communicate with the citizen. It’s the […]

root

Hacked

Oct 29, 2016

DRAMMER: Rowhammer Attack Comes To Android, Can Root Millions Of Android Devices

Short Bytes: A team of researchers at VUSec Lab has successfully demonstrated Drammer attack which is an implementation of the Rowhammer attack for ARM-based devices. The attack has the potential to root millions of Android devices from renowned brands like Samsung, LG, Motorola, OnePlus, Xiaomi, etc. The Rowhammer attack has been there for a while […]

root