Archive | Exploits/Vulnerabilities




WinRAR Vulnerability Is Complete Bullshit

So Twitter exploded earlier with calls of a remote code execution WinRAR vulnerability leaving half a BILLION users open for some hardcore exploitation. I got interested (obviously..as that’s what I do here) and went to read about it, I have to call pretty sketchy, non-technical reporting from the The Register for once, it seems like […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment

XcodeGhost iOS Trojan Infected Over 4000 Apps

So the recent XcodeGhost iOS Trojan Infection has escalated quickly, an initial estimate of 39 infected apps has rapidly increased to over 4000! You can see the FireEye announcement here: Protecting Our Customers from XcodeGhost XCodeGhost is the first instance of the iOS App Store distributing a large number of trojanized apps, the malicious/infected apps […]

Tags: , , , , , , ,

Posted in: Apple, Exploits/Vulnerabilities, Malware | Add a Comment

WhatsApp Web vCard Vulnerability Exposed 200M Users

So it seems there was a lot of noise about the WhatsApp Web vCard Vulnerability with over 200 Million people using the desktop version of WhatsApp – it’s a fairly large cache of users to go after. Disclosed by Check Point security, the vulnerability is exploited by sending a vCard contact containing malicious code to […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

Mimikatz – Gather Windows Credentials

Mimikatz is a tool to gather Windows credentials, basically a swiss-army knife of Windows credential gathering that bundles together many of the most useful tasks that you would perform on a Windows machine you have SYSTEM privileges on. It supports both Windows 32-bit and 64-bit and allows you to gather various credential types. Techniques such […]

Tags: , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Password Cracking, Windows Hacking | Add a Comment

The Jeep HACK – What You Need To Know

So yah, the big news this week everyone is shouting about is about the Fiat Chrysler Automobiles (FCA) owned Jeep Hack involving the new Cherokee which has remote control software which allows access to the engine, aircon, audio system and brakes – basically the whole car can be controlled remotely as long as you know […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hardware Hacking | Add a Comment

Dharma – Generation-based Context-free Grammar Fuzzing Tool

Dharma is a tool used to create test cases for fuzzing of structured text inputs, such as markup and script. It takes a custom high-level grammar format as input, and produces random well-formed test cases as output – it can be used as a grammar fuzzing tool. API programming is complex and subtle programming mistakes […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment

Hacking Team Hacked – What You Need To Know

So the Internet has been blowing up for the last few days about an Italian information security company called Hacking Team getting pwned – they were already pretty famous for their software RCS (Remote Control Software) also known as Galileo. In modern digital communications, encryption is widely employed to protect users from eavesdropping. Unfortunately, encryption […]

Tags: , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Legal Issues | Add a Comment

AddressSanitizer – A Fast Memory Error Detector

AddressSanitizer (aka ASan) is a very fast memory error detector for C/C++, Tthe average slowdown of the instrumented program is ~2x. The tool works on x86 Linux and Mac, and ARM Android. AddressSanitizer is based on compiler instrumentation and directly-mapped shadow memory. The tool consists of a compiler instrumentation module (currently, an LLVM pass) and […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Programming | Add a Comment

Apple’s Password Storing Keychain Cracked on iOS & OS X

And another password shocker, a few days after ‘cloud’ password service LastPass was pretty seriously hacked (yah if you’re using it, change your master password) critical 0-day flaws in Apple’s password storing keychain have been exposed. Which is kinda funny, as after the LastPass hack I saw some people espousing the usage of Apple’s keychain […]

Tags: , , , , , , , , , , ,

Posted in: Apple, Cryptography, Exploits/Vulnerabilities, Password Cracking, Privacy | Add a Comment

The Logjam Attack – ANOTHER Critical TLS Weakness

So it seems SSL/TLS has not been having a good time lately, alongside Heartbleed and POODLE we now have the Logjam attack. It’s somewhat similar to the FREAK attack earlier this year, but that attacked the RSA key exchange and was due to an implementation vulnerability rather than Logjam which attacks the Diffie-Hellman key exchange […]

Tags: , , , , , , , , ,

Posted in: Cryptography, Exploits/Vulnerabilities | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·