News

Have you ever done a domain password audit? Well yes the cracking of the passwords can be fun depending on the rig your using, but what happens after that? Yeah…… the reporting! There are some tools that give stats but none of the can compare to this new tool “PasswordStats”. […]

PasswordStats – A cool new password reporting tool

15 Mar, 2017 in News / Tutorials tagged audit / domain / password / PasswordStats / stats by admin

Malware analysis is like defusing bombs. The objective is to disassemble and understand a program that was built to do harm or spy on computer users (oops, this is where the bomb analogy fails, but one gets the point). That program is often obfuscated (ie: packed) to make the analysis […]

Malboxes: a Tool to Build Malware Analysis Virtual Machines

17 Feb, 2017 in News tagged malboxes / malware / virtual / vm by admin

Last weekend a security researcher publicly disclosed a zero-day vulnerability in Windows 10, Windows 8.1 and Server editions after Microsoft failed to patch it in the past three months. The zero-day memory corruption flaw resides in the implementation of the SMB (server message block) network file sharing protocol that could […]

Windows SMB Zero-Day Exploit Released in the Wild after Microsoft ...

6 Feb, 2017 in News tagged 0day / microsoft / smb / Windows by admin

Visitors to more than 10,000 Tor-based websites were met with an alarming announcement this morning: “Hello, Freedom Hosting II, you have been hacked.” A group affiliating itself with Anonymous had compromised servers at Freedom Hosting II, a popular service for hosting websites accessible only through Tor. Roughly six hours after […]

An Anonymous group just took down a fifth of the ...

3 Feb, 2017 in News tagged anonymous / freedom hosting / hacking by admin

As we connect more and more devices to the internet, we create more and more potential security vulnerabilities. While we’re usually aware of the gadgets we use every day — our PCs, smartphones, and tablets — we might now always think about just how secure are all of our other […]

Cisco Prime Home: Hackers in your network?

3 Feb, 2017 in News tagged attacker / cisco / prime by admin

Customer information from more than 130,000 users of the Three mobile network has been compromised in a cyber security breach, the mobile operator has said. Three boss, Dave Dyson, said in a statement that all affected customers were being contacted individually and that while personal information had been accessed, no […]

Three Mobile Data Breach

18 Nov, 2016 in News tagged data breach / hacking / mobile / three by admin

Well that’s not good, not good at all. The new bill will force internet companies to store their users’ browsing data for a year, and will allow the government to force phone makers to hack into people’s handsets. The House of Lords has passed the Investigatory Powers Bill, putting the huge […]

UK Snoopers Charter 2 passed

18 Nov, 2016 in News tagged ~government / charter / hacking / law / snooper / uk by admin

Day 2 at Blackhat EU 2016 and had a great day. This talk Breaking Big Data: Evading Analysis of the Metadata of Your Life was very interesting by a former NSA professional talking about a variety of the techniques used by the mass surveillance industry to analyse an individual’s metadata […]

BlackHat Europe 2016: Day 2 of 2

4 Nov, 2016 in News tagged CanToolz / CloudFlare / nsa / WarberryPi by admin

Today was day 1 of 2 for me at BlackHat Europe 2016, one of my highlights was the tool Bloodhound located in the Arsenal section. BloodHound uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment. Basically it shows the quickest way to get domain […]

BlackHat Europe 2016: Day 1 of 2

3 Nov, 2016 in News tagged 2016 / blackhat / blog / bloodhound / hacking / tools / WAF by admin

Yeah, thanks a lot…. in-case you can’t tell its my sarcasm kicking in. After doing heavy damage to KrebsOnSecurity and other web servers the creator of the Mirai DDoS botnet, a program designed to harness insecure IoT devices to run massive Distributed denial of service attacks, has apparently released the […]

Well thanks anna-senpai for the Mirai source code release

28 Oct, 2016 in News tagged DDoS / hackers / marai / mirai / senpai by admin

On october 19 2016, the Dirty Cow vulnerability went public (which is kernel privilege escalation vulnerability) . From what I have read and test, the exploit is working only on Centos 7/ RHEL7 / Cloudlinux 7 distros . CVE-2016-5195 Why is it called the Dirty COW bug? “A race condition […]

Testing for the dirty cow CVE-2016-5195?

21 Oct, 2016 in News tagged CVE-2016-5195 / dirty cow / escalation / exploit / linux by admin

Linux running web servers appear to be at risk of a new strain of ransomware called FairWare. Three Linux administrators, at least for now, have already complained about being targeted by the malicious newcomer. People, who were having trouble with ransomware support thread and posted their quandary on the […]

Potential Ransomware Hits Linux Servers

31 Aug, 2016 in News tagged FairWare / linux / ransomware / server by admin

Kelihos is one of the oldest botnets, first spotted way back in 2008, but it has managed to survive a couple of sinkhole attempts and it is still active. MalwareTech, both owner and operator of the Botnet Tracker project, says that Kelihos devs saw this change as an opportunity and […]

Kelihos Botnet now dishing out Ransomware

30 Aug, 2016 in News tagged botnet / Kelihos / ransomware by admin

It seems that the NSA has been hacked. This is being speculated after a group of hackers going by the name “The Shadow Brokers” has claimed to breach an NSA-controlled hacking organization. The hacking group has leaked some private hacking tools and exploits. The hackers are also asking for 1 […]

NSA potentially hacked by The Shadow Brokers

15 Aug, 2016 in News tagged hacked / nsa / screamingplow / the shadow brokers / usa by admin

From September 1, you’ll need a TV licence if you stream catch-up or on-demand TV from the BBC’s iPlayer service, regardless if you’ve got a television set or not – phone, computer, potato, whatever, you’ll have to cough up the reddies. See this Freedom Of Information Request for further information . […]

BBC sniffing Wi-Fi packets to detect BBC iPlayer users without ...

8 Aug, 2016 in News tagged bbc / iw-fi / kismet / sniffing / wifi by admin

InfoSec News & Investigations