Archive | Exploits/Vulnerabilities

Bug Bounties Reaching $500,000 For iOS Exploits

It seems this year bug bounties are getting really serious, especially on the secondary market involving exploit trading firms, not direct to the software producer or owner. $500,000 isn’t chump change and would be a good year for a small security team, especially living somewhere with a weaker currency. Even for a solo security researcher […]

Tags: , , , , , , , , , ,

Posted in: Apple, Exploits/Vulnerabilities | Add a Comment

Telegram Hack – Possible Nation State Attack By Iran

So there’s been a lot of news lately about the Telegram hack and how 15 million accounts were compromised, which is not technically true. There’s 2 vectors of attack at play here, both of which regard Iranian users, but are not connected (other than the attackers probably being the same group). So the two attacks […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Privacy | Add a Comment

In 2016 Your Wireless Keyboard Security Still SUCKS – KeySniffer

So you’d probably imagine that Wireless Keyboard Security is a 1998 problem and you shouldn’t even have to worry about that any more. And you’d be wrong – two-thirds of wireless keyboards, from MAJOR manufacturers are not even vaguely secure. It turns out, in 2016 when cryptography is mainstream, open-source and fairly easy to implement […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hardware Hacking | Add a Comment

ERTS – Exploit Reliability Testing System

ERTS or Exploit Reliability Testing System is a Python based tool to calculate the reliability of an exploit based on the number of times the exploit is able to control EIP register with the desired address/value. It’s created to help you code reliable exploits and take the manual parts out of running and re-running exploits […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming | Add a Comment

shadow – Firefox Heap Exploitation Tool (jemalloc)

shadow is a new, extended (and renamed version) of a Firefox heap exploitation tool, which is quite a swiss army knife for Firefox/jemalloc heap exploitation. If you want to dive in really deep to this tool, and the technicalities behind it check this out – OR’LYEH? The Shadow over Firefox [PDF] Support shadow has been […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment

Intel Hidden Management Engine – x86 Security Risk?

So it seems the latest generation of Intel x86 CPUs have implemented a Intel hidden management engine that cannot be audited or examined. We can also assume at some point it will be compromised and security researchers are labelling this as a Ring -3 level vulnerability. This isn’t a new issue though, people have been […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hardware Hacking | Add a Comment

TeamViewer Hacked? It Certainly Looks Like It

So is TeamViewer Hacked? There’s no definitive answer for now as they aren’t admitting to anything – but it does look very suspicious. The whole service was down for a few hours, the domains were apparently pointing to Chinese IP addresses (DNS Hijacking?) and no-one could login. A whole bunch of users also turned up […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

Serious ImageMagick Zero-Day Vulnerabilities – ImageTragick?

So another vulnerability with a name and a logo – ImageTragick? At least this time it’s pretty dangerous, a bunch of ImageMagick Zero-Day vulnerabilities have been announced including one that can leave you susceptible to remote code execution. It’s pretty widely used software too and very public, if you use an app online that lets […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment Leak Exposes 1.1M Extremely Private Records

So another data breach, and no surprise here, but another dating site. This time the Leak has exposed 1.1 million customer records, including 15 million private messages sent between users. Not so private now is it. And no surprise either the entry point for this leak, was the not-so excellent NoSQL database MongoDB which […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Privacy, Web Hacking | Add a Comment

Apple Will Not Patch Windows QuickTime Vulnerabilities

Much like Adobe Flash, QuickTime from Apple is a bit of a relic some pretty serious, remote code execution type Windows QuickTime Vulnerabilities were recently discovered by Trend Micro. Apple has officially stated that they won’t be fixing them and the official line on this, is to uninstall QuickTime. I guess a lot of people […]

Tags: , , , , , , , ,

Posted in: Apple, Exploits/Vulnerabilities, Windows Hacking | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·