Posts

Showing posts from 2019

Microsoft Information Disclosure Vulnerability

Information Disclosure Vulnerability in Microsoft Open Enclave SDK (CVE-2019-1370). Overview: A vulnerability has been reported in Microsoft Open Enclave SDK which could lead to disclosure of sensitive information in the context of the current user. Description: An information disclosure vulnerability exists in Microsoft Open Enclave SDK due to improper handling of objects in memory. An attacker could exploit this vulnerability by compromising the host application running the Open Enclave. Successful exploitation of this vulnerability could allow an attacker to obtain information stored in the Open Enclave.

FIRE-CHAT APP--> Chat without internet

The app was first introduced in March 2014 for iPhones, followed on April 3 by a version for Android devices. In July 2015, Fire-Chat introduced private messaging. Until then, it had only been possible to post messages to public chatrooms. In May 2016, Fire-Chat introduced Fire-Chat Alerts to allow users to send push alerts during a specific time and place. This feature was aimed at aid workers doing disaster relief and was developed from a partnership with Marikina, a city in the Philippines. Fire-Chat first became popular in 2014 in Iraq following government restrictions on internet use, and thereafter during the 2014 Hong Kong protests. In 2015, Fire-Chat was also promoted by protesters during the 2015 Ecuadorian protests. On September 11, 2015, during the pro-independence demonstration called Free Way to the Catalan Republic, Fire-Chat was used 131,000 times. Fire-Chat is a proprietary mobile app, developed by Open Garden, which uses wireless mesh netwo

Multiple Vulnerabilities in Intel Products

Multiple vulnerabilities have been reported in Intel products which could allow a local attacker to escalate privileges, cause denial of service (DoS) conditions or access sensitive information on a targeted system. Description: 1. Escalation of Privilege Vulnerability in Intel RST (CVE-2019-14568): This vulnerability exists in the Intel Rapid Storage Technology (RST) due to improper handling of permissions by the affected software. An authenticated attacker could exploit this vulnerability through local access to the system. Successful exploitation of this vulnerability could allow the attacker to get escalated privileges on the targeted system. 2. Vulnerability in multiple Intel Processors (CVE-2019-14607): This vulnerability exists in multiple Intel Processors due to improper checking of conditions by the firmware. An attacker could exploit these vulnerabilities through local access to the targeted system. Successful exploitat

Apple Opens Its Invite-Only Bug Bounty Program

Apple is launching a bug bounty program for bug hunters to show their skills in the field and get rewarded for it. Researchers can report vulnerabilities in any Apple product, such as iOS, macOS, watchOS, tvOS, iPadOS, and iCloud, to the company. Since its launch three years ago, Apple's bug bounty program was open only to selected security researchers by invitation and only rewarded reports of vulnerabilities in the iOS mobile operating system. However, speaking at a hacking conference in August this year, Ivan Krstić, head of Apple Security Engineering and Architecture at Apple, announced the company's upcoming extended bug bounty program which included three main highlights: an enormous increase in the maximum reward from $200,000 to $1.5 million, accepting bug reports for all of its operating systems and latest hardware, opening the program for all researchers. Even after submitting a valid security bug, researchers need to follow some b

IBM Cloud Park System Cross Site Script Vulnerability

This vulnerability exists because IBM Cloud Park System fails to properly sanitize user-supplied input. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the browser of an affected system. Successful exploitation of this vulnerability could allow the attacker to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

Google Crashed!!!!!

When Google 'crashed' on asking this iPhone question: A funny bug was reported yesterday (December 19) by Android smartphone users where if they wanted to search “what is iMessage” on Google, the app simply crashed. We tried it on four different Android smartphones — Samsung Galaxy Note 10+, Asus ROG Phone II, OnePlus 7 Pro and Xiaomi Mi A3 — and just couldn’t ask about this popular iPhone feature on Google Search. However, it did appear that Google had fixed the bug as after a couple of hours, we were able to search for “what is iMessage” on Android smartphones. This issue wasn’t restricted to India alone, it seems. According to a report by Android Authority, Reddit users also pointed out the issue on their Android smartphones. A Reddit user who was facing the ‘issue’ explained it on the forum, “From my little 30-min testing, this is what I made out. This (the app crash) happens due to some internal function conflict between Google app's "web search"

Most Common Passwords Found From Breaches

Here are the Most Common Passwords Found From Breaches in 2019: Researchers analyzed data leaked in various data breaches to bring this study forward. Passwords ‘12345,’ ‘123456,’ and ‘123456789’ were the most common passwords, followed by ‘test1’ and, of course, the password ‘password’. A group of independent anonymous researchers composed a list of the 200 most popular passwords that were leaked in data breaches during 2019 and shared it with security firm NordPass. The notorious Collections #1-5 breaches alone exposed 3 billion records. Weak password logic also included strings of letters forming a horizontal or vertical line on the keyboard, such as asdfghjkl, qazwsx, 1qaz2wsx, etc. The most obvious, ‘password’, remained popular with 830,846 people still using it. Passwords containing popular female names included Nicole, Jessica, Hannah, etc.

Find Sub Domains in a minute

What is a Sub Domain? A subdomain is a domain that is part of a larger domain; the only domain that is not also a subdomain is the root domain. For example, www.google.com is the Root domain and www.google.in or www.google.uk are the subdomains. What is the use of Discovering Subdomains? Discovering subdomains of a domain is an essential part of hacking reconnaissance, and the following online tools make life easier. Having an unsecured subdomain can lead to a serious risk to your business, and lately, there were some security incidents where the hacker used subdomain tricks. Censys: Censys is probably one of the first search engines to check for subdomains. Along with subdomains, you can also find some other exciting details, as follows: IP details (can be useful to find origin IP), certificate details, allowed port, SSL/TLS handshake protocol and cipher suites (useful to find weak cipher/protocol). Pentest-Tools: Pentest-tools search f

StrandHogg vulnerability in Google Android

A vulnerability that has been named "StrandHogg" has been reported to be present in the Android operating system. The vulnerability allows a malicious application to masquerade as any other app. The vulnerability exploits an Android control setting called "task affinity" which allows an application to assume any identity in the multitasking system.

Ransomware bypass windows Anti-Virus

The authors of the Snatch ransomware are using a never-before-seen trick to bypass antivirus software and encrypt victims' files without being detected. The trick relies on rebooting an infected computer into Safe Mode and running the ransomware's file encryption process from there. The reason for this step is that most antivirus software does not start in Windows Safe Mode, a Windows state meant for debugging and recovering a corrupt operating system. Cybersecurity researchers have spotted a new variant of the Snatch ransomware that first reboots infected Windows computers into Safe Mode and only then encrypts victims' files to avoid antivirus detection. Unlike traditional malware, the new Snatch ransomware chooses to run in Safe Mode because in the diagnostic mode Windows operating system starts with a minimal set of drivers and services without loading most of the third-party startup programs, including antivirus software. Snatch has been active since at leas

Denial of Service Vulnerability in Linux Kernel

This vulnerability exists in the rwsem_down_write_slowpath function in the file "kernel/locking/rwsem.c", in the btrfs Image Mount Handler component of the Linux Kernel. A local attacker could exploit this vulnerability by mounting a crafted btrfs image twice, leading to a use-after-free error.

Windows 0-Day Under Active Attack

With its latest and last Patch Tuesday for 2019, Microsoft is warning billions of its users of a new Windows zero-day vulnerability that attackers are actively exploiting in the wild in combination with a Chrome exploit to take remote control over vulnerable computers. Microsoft's December security updates include patches for a total of 36 vulnerabilities, where 7 are critical, 27 important, 1 moderate, and one is low in severity—brief information on which you can find later in this article. Tracked as CVE-2019-1458 and rated as Important, the newly patched zero-day Win32k privilege escalation vulnerability, reported by Kaspersky, was used in Operation WizardOpium attacks to gain higher privileges on targeted systems by escaping the Chrome sandbox. Although Google addressed the flaw in Chrome 78.0.3904.87 with the release of an emergency update last month after Kaspersky disclosed it to the tech giant, hackers are still targeting users who are using vulnerable versions of t

The Navy will build cyber teams

The Navy will create tactical cyber teams in early 2020 as part of an order from the service’s top officer. In a new strategy document released Dec. 4, Chief of Naval Operations Adm. Michael Gilday said he wanted the service to develop a plan to field small tactical cyber teams by February 2020. He directed the Information Warfare Type Command and Fleet Cyber Command/10th Fleet to make it happen. “I want to give tactical cyber teams, small tactical cyber teams to fleet commanders so that we can confuse the enemy and put ourselves in a position of advantage in a fight right off the bat,” Gilday said at the USNI Defense Forum Dec. 5. Additional details regarding the makeup of these teams and what their focus will be were not immediately available. U.S. Cyber Command orchestrates cyber operations within the Department of Defense. The services provide the 133 offensive and defensive cyber teams through the cyber mission force to Cyber Command. The individual services, such

Avast and AVG Browser Extensions Spying On Chrome

Avast and AVG Browser Extensions Spying On Chrome and Firefox Users: If your Firefox or Chrome browser has any of the four extensions listed below, offered by Avast and its subsidiary AVG, installed, you should disable or remove them as soon as possible: Avast Online Security, AVG Online Security, Avast SafePrice, AVG SafePrice. Why? Because these four widely installed browser extensions have been caught collecting a lot more data on their millions of users than they are intended to, including your detailed browsing history. What users' data is being sent to Avast? Full URL of the page you are on, including query part and anchor data; a unique user identifier (UID) generated by the extension for tracking; page title; referrer URL; how you landed on a page, e.g., by entering the address directly, using a bookmark or clicking a link; a value that tells whether you visited a page before; your country code; browser name and its exact version number; your operating

Pegasus Spyware Hacked 20 User Whatsapp

WhatsApp informed the government in September that 121 Indian citizens may have been targeted by an Israeli company’s spyware, an official at the mobile messaging services company said, detailing what was a second alert over a possible snooping attempt that came to light earlier in the week. The official, who asked not to be named, said the company had responded to the ministry of electronics and information technology’s calls for an explanation over the kind of breach and what steps it had taken to protect users. The two alerts – one in May and the September communication – were reiterated in the response, which was sent ahead of the November 4 deadline set by the government, this person said, asking not to be named. WhatsApp also told CERT-In that the vulnerability could no longer be exploited to carry out attacks. Prasad said the government is committed to protecting the fundamental rights of citizens, including the right to privacy. "The government operates stric

BUG in Joomla

Vulnerability Note CIVN-2019-0187: Information Disclosure Vulnerability in Joomla. Overview: A vulnerability has been reported in Joomla which could be exploited by a remote attacker to obtain potentially sensitive information on a targeted system. Vulnerability: This vulnerability exists in phputf8 mapping files of Joomla due to improper access checks. A remote attacker could gain information about the file system structure of the server where the website is hosted. Successful exploitation of this vulnerability could allow the attacker to obtain sensitive information of the target system which could lead to further attacks.

Chrome Password Stealing Trojan

Chrome Password Stealing Trojan Sends Passwords To Remote MongoDB Database: Researchers have found a new password stealer targeting Google Chrome. What’s different about this Chrome Password Stealing Trojan is that it stores all stolen passwords to a remote MongoDB database. Chrome Password Stealing Trojan: Reportedly, researchers have discovered a new password-stealing Trojan targeting Google Chrome. Identified as CStealer, the Trojan has nothing special except its peculiar way of storing stolen passwords. According to BleepingComputer, the malware first caught the attention of MalwareHunterTeam and then of a researcher James. Specifically, the Trojan connects to the database via MongoDB C Driver, for which it also has the credentials. So, right after gaining access to the passwords stored in Chrome Password Manager, it connects to the database to share data. Risk Of Password Breaches: As observed by the researchers, the Trojan presently works as a password stealer. Howe

Stop Sharing your Streaming Service Accounts Immediately

You might want to reconsider sharing the login details of your streaming service account with friends and family to avoid the risk of falling victim to fraud or identity theft at the hands of tech-savvy organized crime groups. The warning comes as thousands of Disney Plus customers reported hackers were accessing their profiles, changing their login credentials and selling their accounts on the dark web. Disney was adamant it did not suffer a data breach, saying the login details were "leaked from previous breaches at other companies, pre-dating the launch of (the streaming service)". The so-called "credential stuffing" attack is a popular technique used by hackers who obtain passwords and usernames via malicious means before seeing if those details will gain access to accounts on different websites. This is achieved through perseverance – trying various combinations of usernames and pa

Whatsapp some new great features

WhatsApp constantly updates its app with new features. This time the main motive is to give smooth calling to its users. Some of the features are still under development while a few have been rolled out as stable updates for both Android and iOS users. Call waiting support: In the updated version, 2.19.120, WhatsApp introduced call waiting support. Currently, the update is only available for iPhone users. The Android update will be rolled out soon, according to reports. In this update, users will be able to receive another WhatsApp call while they are already on one call. Before this, the user didn't receive any notification of another incoming call; instead, a "MISSED CALL" message was shown after the user ended the ongoing call. Self-destructing message feature: Although currently available on the Android Beta version, this update will automatically delete a message after a particular period of time

How to start Bug Hunting?

1. First of all, you need to understand what a bug bounty is and why it is done. A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those about exploits and vulnerabilities. 2. Some online books for bug bounty: There are some books on web application penetration testing methodology and hunting the web. Through these, you learn the basics and essentials of penetration testing and bug hunting. The Web Application Hacker’s Handbook; OWASP Testing Guide (highly suggested by Bugcrowd’s Jason Haddix); Penetration Testing; The Hacker Playbook 2: Practical Guide to Penetration Testing; The Tangled Web: A Guide to Securing Web Applications; Jhaddix Bug Hunting Methodology; The Hacker Playbook-3; Ethical Hacking and Penetration Guide; Web Penetration Testing with Kali Linux. Here are some on mobile applications for bug hunting: The Mobile Applicatio

Amazon Alexa witnesses for Murder Case

The case took place in Florida between a husband and wife. There was a fight. The man is 43-year-old Adam Crespo. The woman was 32-year-old Sylia Galva Crespo. The man in Florida has a spat with his wife at home after a night out. The couple argue and fight, and she is somehow "speared to the chest" during the altercation. She dies after bleeding heavily from the wound. The man is charged with second-degree murder but denies having killed her. There was no one else who saw or heard the whole thing while it happened. Or was there? There was someone, or rather something, that may have heard it. We are talking about the Amazon Echo devices in the house, which the police think may have listened to parts of an altercation that may give a clue to the cause of the woman's death. She died from a fatal wound to the chest by a spear at home in Hallandale Beach, Florida in July. As per a report by the Sun-Sentinel, the police think that the Amazon Echo smart devices may have re

Hacking Competition for hackers

Good news for hackers: a chance to test their skills legally and win prizes from the government. The Tamil Nadu police have turned to teenagers to take on cybercriminals. Around 200 college students and young professionals will take part in a hackathon at the state police headquarters on Saturday and the best among them will get to assist the cops. There’s prize money too for the winners. The first prize comes with Rs 50,000, the two second prizes are worth Rs 25,000 each and the three third prizes Rs 10,000 each. State police chief J K Tripathy will hand over cyber-volunteer badges to the winners in various categories. The badges will give them access to the Rs 3.24 crore Cyber Arangam that the government has set up at IIT-M’s research park. This facility, modeled on the Kerala police’s cyber-dome in Thiruvananthapuram, is to be the nerve centre of the police’s operations to root out c

Malicious SDKs Caught Accessing Facebook and Twitter Users Data

SDKs are known as software development toolkits. An SDK is a software library that app developers embed in their code to automate certain operations and spare themselves from writing that specific code by hand and losing precious time. SDKs are very popular in the modern app development ecosystem, but using an SDK also implies surrendering some of your app's control to a third-party entity. Two third-party software development kits (SDKs) integrated by hundreds of thousands of Android apps have been caught holding unauthorized access to users' data associated with their connected social media accounts. The two big social media platforms, Twitter and Facebook, released statements revealing that an SDK from another company, Mobiburn, showed malicious activity that might have exposed their users connected with certain Android apps to data collection firms. TWITTER: On Monday, November 25, Twitter disclosed that they've received a report about an SDK

Russia Join India for Cyber Security Cooperation

After the cyberattack on Kudankulam, NPCIL India informed Russia about the attack. Deputy Chief of Mission of the Russian Embassy Roman Babushkin has said Nuclear Power Corporation of India Limited has informed Russian authorities that the plant is safe and additional steps have been taken to enhance its security further. India and Russia have stepped up their cybersecurity cooperation in the backdrop of the cyber-attack on the Kudankulam nuclear power plant built by global nuclear major Rosatom. The two sides have a vibrant cybersecurity partnership. On the BRICS summit in Brasilia, Babushkin said ways to deal with the challenge of terrorism will be a focus area, and referred to setting up of a number of working groups to deal with terror financing and transnational crimes. He also said that issues like the situation in Kashmir and Xinjiang in China are unlikely to figure in the deliberations at the summit. Babushkin said Moscow has been focusing on ensuring that

Nuclear Power Corporation of India under cyber attack

NPCIL acknowledges a cyberattack on Kudankulam: Cybercriminals targeted the Nuclear Power Corporation of India Ltd (NPCIL). NPCIL on Wednesday acknowledged a cyberattack on its system after issuing a denial a day earlier. In a statement issued on Wednesday, NPCIL said: "Identification of malware in the NPCIL system is correct. The matter was conveyed by CERT-In when it was noticed by them on September 4, 2019." "The matter was immediately investigated by DAE (Department of Atomic Energy) specialists. The investigation revealed that the infected PC belonged to a user who was connected to the internet-connected network for administrative purposes. This is isolated from the critical internal network," it said, adding that the networks are being monitored continuously. The statement said that the plant systems were not affected by the malware. On Tuesday, the company had denied a cyber attack on its Kudankulam Nuclear Power Plant, one of the county

PROBELY--> Vulnerability Scanner (WEB APPLICATION)

Probely continuously scans for vulnerabilities in your Web Applications. It allows its customers to manage the life cycle of vulnerabilities and provides them with some guidance on how to fix them.

Hacker punished for 4 years

Russian Hacker Behind NeverQuest Banking Malware Gets 4 Years in U.S. Prison: A Russian hacker who created and used Neverquest banking malware to steal money from victims' bank accounts has finally been sentenced to 4 years in prison by the United States District Court for the Southern District of New York. Stanislav Vitaliyevich Lisov, 34, was arrested by Spanish authorities at Barcelona–El Prat Airport in January 2017 on the request of the FBI and extradited to the United States in 2018. Earlier this year, Lisov pleaded guilty to one count of conspiracy to commit computer hacking, involving attempts to steal at least $4.4 million from hundreds of victims using the NeverQuest banking trojan. Just like any other sophisticated banking Trojan, NeverQuest, aka Vawtrak or Snifula, has also been designed to let attackers remotely control infected computers and steal a wide range of sensitive information. Besides stealing login information for banking or other financial

Arron Banks' twitter account hacked

The Twitter account of Arron Banks, the founder of the pro-Brexit campaign Leave.EU, has been hacked. A hacker hacked the Twitter account of Arron Banks, chairman of the pro-Brexit UK political campaign organization Leave.EU, and leaked his private message history online earlier this week. The BBC yesterday reported that the culprit had access to thousands of private messages that had been sent and received by Banks over several years. The Guardian reported that the attack involved illegal access to Banks’s email address, and quoted a Leave.EU spokesman as saying that a SIM swap also took place. “Twitter was notified 12 hours ago, and despite repeated requests, they have taken no action to deactivate the account or remove the illegal data downloads,” Banks continued. “Despite the obvious lack of security at Twitter related to personal data, they have deliberately chosen to leave personal data in the public domain.” Last night, the hacked account posted a string of num