Archive | Exploits/Vulnerabilities


17 April 2014 | 1,146 views

Royal Canadian Mounted Police Arrest Heartbleed Hacker

The Heartbleed Bug was the big thing last week and honestly pretty much the biggest thing this year so far. And it turns out someone has been caught using the Heartbleed bug in a malicious way and in Canada no less. The young Heartbleed hacker goes is a 19 year old Stephen Arthuro Solis-Reyes and […]

Continue Reading


09 April 2014 | 4,339 views

Heartbleed Bug SSL Vulnerability – Everything You Need To Know

Introduction So the Internet has been exploding this week due to the Heartbleed Bug in OpenSSL which effects a LOT of servers and websites and is being hailed by some as the worst vulnerability in the history of the Internet thus far. The main info on the bug can be found at http://heartbleed.com/. In basic […]

Continue Reading


03 April 2014 | 700 views

Oracle Java Cloud Service Vulnerabilities Publicly Disclosed

Security researches from the Polish firm Security Explorations have released a massive slew of PoC code and technical details on 30 Oracle Java Cloud Service Vulnerabilities. It seems like they had already reported them to Oracle, but weren’t happy with how things were handled, so have decided to go public with the weaknesses. They gave […]

Continue Reading


11 March 2014 | 1,832 views

ODA – Online Web Based Disassembler

ODA stands for Online DisAssembler. ODA is a general purpose machine code disassembler that supports a myriad of machine architectures. Built on the shoulders of libbfd and libopcodes (part of binutils), ODA allows you to explore an executable by dissecting its sections, strings, symbols, raw hex, and machine level instructions. ODA is an online Web […]

Continue Reading


06 March 2014 | 797 views

Target CIO Beth Jacob Resigns After Huge Breach

So the latest news this week is that the Target CIO Beth Jacob has resigned, it seems to be somewhat linked to the massive heist of credit card details from Target that took place in December last year. To be fair it was a fairly complex, high-level attack and I’m pretty sure most companies would […]

Continue Reading


19 February 2014 | 1,259 views

2 Different Hacker Groups Exploit The Same IE 0-Day

It hasn’t been too long since the last serious Internet Explorer 0-day, back in November it was used in drive-by attacks – Another IE 0-Day Hole Found & Used By In-Memory Drive By Attacks. And earlier last year there was an emergency patch issued – Microsoft Rushes Out ‘Fix It’ For Internet Explorer 0-day Exploit. […]

Continue Reading


23 December 2013 | 5,509 views

Researchers Crack 4096-bit RSA Encryption With a Microphone

So this is a pretty interesting acoustic based cryptanalysis side-channel attack which can crack 4096-bit RSA encryption. It’s been a while since we’ve seen anything hardware based, and RSA 4096 is pretty strong encryption, I wonder how they figured this one out. It makes sense though when you think about it, although I wouldn’t have […]

Continue Reading


25 November 2013 | 1,362 views

vBulletin.com Hacked – Forum User Emails & Encrypted Passwords Leaked

vBulletin.com hacked is the latest news going around, there seems to have been a spate of these lately, with huge numbers of user accounts leaked. Thankfully this time, the passwords are actually hashed, but with what algorithm – we aren’t quite sure. Perhaps someone could figure it out with HashTag. I do have some vBulletin […]

Continue Reading


20 November 2013 | 3,688 views

Cupid Media Hack Exposes 42 Million Passwords In Plain Text

42 Million Passwords – now that’s a big number, and the worst part – they aren’t even hashed. Nope, not at all – not even badly. Apparently the intrusion took place earlier this year, in January 2013 – but there was no public announcement. The data was found on the same server where the hacked […]

Continue Reading


16 November 2013 | 3,287 views

Linux Backdoor Fokirtor Injects Traffic Into SSH Protocol

Earlier this week we wrote about an Internet Explorer 0-day which used an in-memory drive by attack, which was pretty smart. Now another new type of malware (a backdoor in this case), this time targeting Linux known as Fokirtor. There is no real discussion of the exploit used to plant this backdoor (if it was […]

Continue Reading