HIJACKING

ThreadBoat – Uses Thread Execution Hijacking To Inject Shellcode

The program uses thread hijacking to inject native shellcode into a standard Win32 application. Thread hijacking allows the hijacker.exe program to suspend a thread within the target.exe program and write shellcode to that thread. Usage: int main() { System sys; Interceptor incp; Exception exp; sys.returnVersionState(); if (sys.returnPrivilegeEscalationState()) { std::cout << "Token Privileges […]

17-Yr-Old Finds Dell Laptops And PCs Are Vulnerable To Remote Attack

Dell laptop and computer owners beware! Your machine is vulnerable to an attack that can be executed remotely to hijack your system, just by making you visit a malicious website. As reported by ZDNet, a 17-year-old security researcher, Bill Demirkapi, discovered a vulnerability in the Dell SupportAssist utility that allows attackers to execute malicious code remotely. The […]

Combination of bugs in WordPress and WooCommerce allows website hijacking

A flaw in how WordPress handles privileges can be exploited to take control of a domain. A flaw in the WordPress process to manage user privilege assignments can be exploited to allow a malicious actor to hijack WooCommerce websites, as reported by specialists in digital forensics from the International Institute of Cyber Security. The security problem […]

Crypto-Mining Malware is Catching Up

According to Check Point’s latest Global Threat Impact index, nearly 23 percent of organizations across the world are affected by Coinhive, the crypto-mining malware that drains CPU power for mining. The cybersecurity experts found three different variants of crypto-mining malware, and Coinhive ranks on top. Other miners that made their way to the list […]

EMOTET Malware Hijacking the Windows API & Evade the Sandbox Analysis

The widespread EMOTET malware is emerging again with new stealthy capabilities to hijack the Windows API and evade sandbox detection, which also makes malware analysis more painful. A previous feature called RunPE is used for hiding malware in a legitimate process to evade security scanners and inject its code into a Windows executable process. In […]

USERLAND PERSISTENCE WITH SCHEDULED TASKS AND COM HANDLER HIJACKING

A while back I was exploring userland COM and stumbled across some 2011 research by Jon Larimer explaining the dangers of per-user COM objects. Recently Casey Smith (@subtee) started digging into COM and its implications as well, which motivated me to finish the research I had started. After some poking around, I found out that you […]

European Trains at risk of being Hacked: Hackers

A trio of Russian hackers revealed numerous bugs in the train systems of many of Europe’s railway companies, saying that hackers and terrorists can easily exploit them to derail or even hijack the trains. After the hacking of a Jeep, a sniper rifle and electronic skateboards, it’s time for trains to get a taste as three Russian hackers have […]

Hacked Website of Connecticut University Caught Spreading Malware

Simple DNS hijacking enables attackers to distribute a fake, infected Flash Player on the UConn website. On Sunday, the official web portal of the University of Connecticut was hacked and used to distribute powerful malware disguised as a fake Adobe Flash Player update. The university’s deputy spokesperson Tom Breen said that on December 27 at around 11:00 a.m. […]

Ask.com Toolbar Can Hijack Your Computer Through Java Updates

The Ask.com toolbar is not a handy tool; it’s a curse because it never goes away. Apparently, the Ask.com toolbar hijacks your computer entirely. It usually skulks into computer systems on the coattails of some necessary software, normally Java updates. Then it becomes virtually impossible to uninstall the toolbar; however, we have a solution […]