Browsing tag
Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to “allow escalation of privilege and/or information disclosure and/or denial of service via local access.” Successful exploitation of the vulnerability could also permit a […]
ASUS routers have emerged as the target of a nascent botnet called Cyclops Blink, almost a month after it was revealed the malware abused WatchGuard firewall appliances as a stepping stone to gain remote access to breached networks. According to a new report published by Trend Micro, the botnet’s “main purpose is to build an […]
Researchers from CERT/CC discovered multiple vulnerabilities in Satcom terminal Cobham EXPLORER 710 that affects both firmware and device. The vulnerabilities allow hackers to perform several attacks such as intercept the traffic, remotely execute the command, implant and hide a backdoor, DoS Attack, exfiltrate the sensitive data and more Cobham EXPLORER 710 is a satellite telecommunication […]
Nintendo Switch Hacked: The company was claiming to have added advanced security codes in this version of Switch Firmware. The problems for Nintendo console owners are far from over as the latest firmware version got hacked in merely a few hours. According to reports, the newly rolled out Firmware for Nintendo Switch, the much-awaited version 7.0.0 […]
According to a research, millions of Android devices from 11 OEMs are vulnerable to attacks from simple AT commands. These AT commands or Attention commands are a short collection of strings which were designed to transmit via phone line and modems, back in the 1980s. Earlier, these commands were used for a modem dial-up, hang up, […]
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new settings, and has an autoconfiguration when new binary agents […]
TROMMEL sifts through directories of files to identify indicators that may contain vulnerabilities. TROMMEL identifies the following indicators related to: Secure Shell (SSH) key files Secure Socket Layer (SSL) key files Internet Protocol (IP) addresses Uniform Resource Locator (URL) email addresses shell scripts web server binaries configuration files database files specific binaries files (i.e. Dropbear, […]
The UEFI firmware parser is a simple module and set of scripts for parsing, extracting, and recreating UEFI firmware volumes. This includes parsing modules for BIOS, OptionROM, Intel ME and other formats too. Please use the example scripts for parsing tutorials. Installation This module is included within PyPy as uefi_firmware $ sudo pip install uefi_firmware […]
It has been a common understanding that Apple devices are well-protected and less vulnerable. It is also believed that Apple computers are difficult to hack because they have a higher level of protection as compared to the Windows operating systems. But a recent study performed by a team of researchers proved it all wrong. They […]
VULNERABLE FIRMWARE MAKES ASUS ROUTERS SUBJECT TO ATTACK. Wireless router models running the Asuswrt firmware are vulnerable to attacks where hackers can completely compromise the devices if the attack is launched from within the local networks of the routers. Infosvr, the service running on the routers, is used by the Asus Wireless Router Device Discovery […]