Items Tagged with "Exploits"


09dae715e355968a0e90ebddf038ad56

Hacking-Kung Fu: Aims and Objectives Part 2

May 06, 2012 Added by:Quintius Walker

A major aim of Kung-Fu Hacking training is System Security - or more so being able to secure your own systems. This ability to defend ourselves is a general asset, and has long-term benefits as more and more vulnerabilities become exploitable to the general public...

Comments  (3)

94c7ac665bbf77879483b04272744424

Ethical or Unethical Hacker?

May 01, 2012 Added by:Marc Quibell

Right there as top IT News was an article on how to pwn a Hotmail account. It was a 0-day exploit, which meant no one at Microsoft was notified. It was written by a self-described ethical hacker. Naturally my first reaction was, "Ya right"...

Comments  (11)

69dafe8b58066478aea48f3d0f384820

Symantec Internet Security Threat Report Summary

May 01, 2012 Added by:Headlines

"In addition to the 81% surge in attacks, the number of unique malware variants also increased by 41% and the number of Web attacks blocked per day also increased dramatically, by 36%. Greater numbers of more widespread attacks employed advanced techniques..."

Comments  (2)

6648b1abd4a9b964566c3690613f20a6

OpenX CSRF Vulnerability Being Actively Exploited

April 30, 2012 Added by:Mark Baldwin

This vulnerability from July 2011 is still present in the latest version of OpenX Source (version 2.8.8). Moreover, this vulnerability is being actively exploited to compromise OpenX Source installations in order to serve malicious content via banner ads...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

IC3: Blackhole Exploit Kit 1.2.3 Released

April 26, 2012 Added by:Headlines

Blackhole, the most widely purchased exploit pack in the underground market, is a toolkit that is injected into malicious and/or compromised websites, allowing the attacker to push a variety of exploits targeting vulnerabilities of popular applications like Java and Flash...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Don’t Forget about VoIP Exposures and PBX Hacking

April 24, 2012 Added by:Brent Huston

There are now a variety of tools, exploits and frameworks built for attacking VoIP installations and they are a target for both automated tools and manual hacking. Access to VoIP systems can provide a great platform for intelligence, recon, industrial espionage and toll fraud...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Flashback - Are You Joking? There is No Malware for Mac!

April 23, 2012 Added by:Pierluigi Paganini

We must remember that in any software there will be vulnerabilities that could be exploited for criminal purposes. To give you an immediate idea of the malware available for the Mac environment, I produced a table that lists the main agents detected by a well known antivirus...

Comments  (0)

B451da363bb08b9a81ceadbadb5133ef

Analysis of the April 2012 CPU for the Oracle Database

April 23, 2012 Added by:Alexander Rothacker

It’s mid-April, so it’s Oracle CPU fallout time again. This CPU contains 88 fixes. Thirty-three in this CPU are for vulnerabilities that are remotely exploitable without authentication. In other words, anybody on the network can exploit these vulnerabilities...

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

Javvad Malik on Hacking Tools and Ethics

April 20, 2012

Joshua Corman wrote a post in which he raises some valid points about tools like Metasploit. Naturally, the purpose such tools is to aid a security tester in finding vulnerabilities. However you cannot dictate if someone will use this for attack or defensive purposes...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Siemens Simatic WINCC Multiple Vulnerabilities

April 20, 2012 Added by:Infosec Island Admin

ICS-CERT has received reports detailing several vulnerabilities in Siemens SIMATIC WinCC Human-Machine Interface application which could allow an attacker to log on to a system as a user or administrator with the ability to execute arbitrary code or obtain full access to files...

Comments  (0)

1a490136c27502563c62267354024cd5

Understanding CSRF Attacks on Network Devices

April 19, 2012

Similar to vulnerabilities in applications on websites, there are also vulnerabilities in the admin panels of different network devices, including Cross-Site Request Forgery(CSRF)vulnerabilities where hackers attack users who have access to those network devices...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

On Buffer Overrun Vulnerabilities, Exploits and Attacks

April 19, 2012 Added by:Fergal Glynn

A Buffer overflow is a common software coding mistake. To effectively mitigate the vulnerability, it is important that you first understand what buffer overflows are, what dangers they pose to your applications, and what techniques attackers use to successfully exploit them...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

All the Lights Will Not Go Out in a Cyber Attack

April 17, 2012 Added by:Dan Dieterle

One of the biggest threats that you hear is that hackers could take out the power grid and all the power would be shut off. America would be thrown back to the power stone age in the flick of a switch (or a series of SCADA exploits). But is this true? The answer is no...

Comments  (5)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Koyo Ecom100 Multiple Vulnerabilities

April 16, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of multiple vulnerabilities with proof-of-concept exploit code affecting the Koyo ECOM100 Ethernet Module. A brute force password cracking tool has been released that targets a weak authentication vulnerability in the ECOM series modules...

Comments  (0)

09dae715e355968a0e90ebddf038ad56

Hacking-Kung Fu: Aims and Objectives

April 15, 2012 Added by:Quintius Walker

Understanding Kung Fu-Hacking enables you to realize that there is more to it than merely learning form or exploits. Understanding will lead you, if you are still not able to defend yourself in real world situations or compromise systems outside lab environments, to ask why...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: MICROSYS PROMOTIC Vulnerability POC

April 13, 2012 Added by:Infosec Island Admin

Researcher Luigi Auriemma identified and released proof of concept code (POC) for a use after free vulnerability in the MICROSYS, spol. s r.o. PROMOTIC application wgich may result in adverse conditions ranging from the corruption of valid data to the execution of arbitrary code...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »