Archive for the ‘Hacking’ Category

Introduction to Hacking

This book will show you how Hacking works. You will have a chance to understand howattackers gain access to your systems and steal information. Also, you will learn what youneed to do in order to protect yourself from all kind of hacking techniques. Structured on 10 chapters, all about hacking, this is in short what the […]

Leave a Comment

Apple paid a $50,000 bounty to two bug bounty hunters for hacking its hosts

Leave a Comment

SUPERNOVA, a backdoor found while investigating SolarWinds hack

While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. The investigation of the SolarWinds Orion supply-chain attack revealed the existence of another backdoor that was likely used by a separate threat actor. After the initial disclosure of the SolarWinds attack, several teams of researchers mentioned the existence of two […]

Leave a Comment

Suspected Russian hackers spied on U.S. Treasury emails

Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury Department and an agency that decides internet and telecommunications policy, according to people familiar with the matter. Three of the people familiar with the investigation said Russia is currently believed to be behind the attack. Two of the […]

Leave a Comment

U.S. Schools Are Buying Phone-Hacking Tech That the FBI Uses to Investigate Terrorists

A Gizmodo investigation has found that schools in the U.S. are purchasing phone surveillance tools from Cellebrite and companies that offer similar tools just four years after the FBI used it to crack a terrorism suspect’s iPhone. In May 2016, a student enrolled in a high-school in Shelbyville, Texas, consented to having his phone searched […]

Leave a Comment

U.S. Cyber Firm FireEye Says It Was Breached by Nation-State Hackers

The cybersecurity company said the attack compromised its software tools used to test the defenses of its thousands of customers. “I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities,” Kevin Mandia, the chief executive at FireEye and a former Air Force officer, said in a blog post published Tuesday. “The […]

Leave a Comment

10 Best InfoSec Hacking Books

10 Best InfoSec Hacking Books To download 10 Best InfoSec Hacking Books pdf   To download 10 Best InfoSec Hacking Books pdf  

Leave a Comment

LidarPhone Attack Transforms Smart Vacuum Cleaners Into Spying Tools

LidarPhone attack targets the lidar sensors in smart vacuum cleaners transforming them into microphones to record sounds and eavesdrop. Describing LidarPhone in brief, the researchers stated, The fundamental concept of LidarPhone lies in sensing such induced vibrations in household objects using the vacuum robot’s lidar sensor and then processing the recorded vibration signal to recover […]

Leave a Comment

FBI: Hackers stole source code from US government agencies and private companies

FBI blames intrusions on improperly configured SonarQube source code management tools. FBI officials say that threat actors have abused these misconfigurations to access SonarQube instances, pivot to the connected source code repositories, and then access and steal proprietary or private/sensitive applications. Officials provided two examples of past incidents: “In August 2020, unknown threat actors leaked […]

Leave a Comment

Pwn2Own Tokyo Day one: NETGEAR Router, WD NAS Device hacked

Pwn2Own Tokyo 2020 hacking competition is started, bug bounty hunters already hacked a NETGEAR router and a Western Digital NAS devices. The Pwn2Own Tokyo is actually coordinated by Zero Day Initiative from Toronto, Canada, and white hat hackers taking part in the competition have to demonstrate their ability to find and exploit vulnerabilities in a […]

Leave a Comment

Hackers hijack Telegram, email accounts in SS7 mobile attack

Hackers with access to the Signaling System 7 (SS7) used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business. Source: Hackers hijack Telegram, email accounts in SS7 mobile attack Telegram SS7 attack

Leave a Comment

Hacker Accessed Network of U.S. Agency and Downloaded Data

An unnamed U.S. federal agency was hit with a cyber-attack after a hacker used valid access credentials, authorities said on Thursday. While many details of the hack weren’t revealed, federal authorities did divulge that the hacker was able to browse directories, copy at least one file and exfiltrate data, according to the Cybersecurity & Infrastructure […]

Leave a Comment

Russian hacker selling how-to vid on exploiting unsupported Magento installations to skim credit card details for $5,000

Nearly 2,000 e-commerce shops pwned over weekend so it’s time to migrate Source: Russian hacker selling how-to vid on exploiting unsupported Magento installations to skim credit card details for $5,000 Thousands of e-commerce stores built using Magento 1 have been poisoned with malicious code that steals customers’ bank card information as they enter their details […]

Leave a Comment

CISA: Chinese state hackers are exploiting F5, Citrix, Pulse Secure, and Exchange bugs

CISA says attacks have started a year ago and some have been successful. Source: CISA: Chinese state hackers are exploiting F5, Citrix, Pulse Secure, and Exchange bugs | ZDNet Chinese Hackers Working w/ Ministry of State Security Charged w/ Global Computer Intrusion Campaign The Hacker and the State: Cyber Attacks and the New Normal of […]

Leave a Comment

Hackers are backdooring QNAP NAS devices with 3-year old RCE bug

Hackers are scanning for vulnerable network-attached storage (NAS) devices running multiple QNAP firmware versions, trying to exploit a remote code execution (RCE) vulnerability addressed by QNAP in a previous release. Source: Hackers are backdooring QNAP NAS devices with 3-year old RCE bug CISA says 62,000 QNAP NAS devices have been infected with the QSnatch malwareQSnatch […]

Leave a Comment

The Best DEF CON Talks Of All Time!

As the title of this post suggests we’ve sourced what we believe to be the best DEF CON presentations from 1993 to the present day. For those that don’t know, DEF CON is literally the ‘poster-child’ Source: The Best DEF CON Talks Of All Time!

Leave a Comment

Mozilla offers rewards for Bypassing Firefox Exploit Mitigations

Mozilla has expanded its bug bounty program including rewards for bypass methods for the exploit mitigations and security features in Firefox. Source: Mozilla offers rewards for Bypassing Firefox Exploit Mitigations Why Firefox is the best browser for privacy and how to configure things properly

Leave a Comment

Hacked government, college sites push malware via fake hacking tools

A large scale hacking campaign is targeting governments and university websites to host articles on hacking social network accounts that lead to malware and scams. Some of the sites targeted in this campaign belong to government sites for San Diego, Colorado, Minnesota, as well as sites for UNESCO, the National Institutes of Health (nih.gov), National […]

Leave a Comment

So you’ve decided you want to write a Windows rootkit. Good thing this chap’s just demystified it in a talk

Demirkapi shows how drivers can be misused for deep pwnage DEF CON Writing a successful Windows rootkit is easier than you would think. All you need is do is learn assembly and C/C++ programming, plus exploit development, reverse engineering, and Windows internals, and then find and abuse a buggy driver, and inject and install your rootkit, […]

Leave a Comment

Hackers abuse lookalike domains and favicons for credit card theft

Hackers are abusing a new technique: combining homoglyph domains with favicons to conduct credit card skimming attacks. Source: Hackers abuse lookalike domains and favicons for credit card theft Credit Card Scammers on the Dark Web Preventing Credit Card Fraud: A Complete Guide for Everyone from Merchants to Consumers PCI Compliance Download a Security Risk Assessment Steps […]

Leave a Comment