LATEST POST

9 Results tagged on "hack":

Finding subdomains for open source intelligence and pentest

Many of us are in the security consulting business, or bug bounties, or even network intelligence and have now and then come across a need to find subdomains. The requirement can be from either side of the table - a consultant assessing a client's internet presence, or a company validating its own digital footprint. In more than a decade, it has happened so many times that people are not aware of what old assets...
Read more

Wake up call. Apache Struts is being exploited

Dislaimer: It's a tale of incident response for a vulnerability dated March 2017, that wasn't patched on the server. And, someone exploited it naively. It was in the night that I received a message - "We have been hacked". As with most of the hacks, people tend to overreact (or sometimes under) and the 1st message delivers the least amount of information. It started a chain of events, and forensics to identify...
Read more

Jump Air-gap, Low Level C&C

The threat landscape is very dynamic, and new threat vectors are exploiting vulnerabilities for fun and profit. The whitehat security community is having a race against time with their counterparts. And, often the companies are becoming a target to spear phishing, APT and bots. Some institutions like financial sector, insurance sector, defense etc. have strong regulations to protect the perimeter. But, often these sectors have people working on their modern laptops with different adaptors...
Read more

DDOS, it's time to turn your toasters off

Most of you are already aware of the fact that half of the internet went down (or slow), when a 'bad-hackers' group weaponized 'millions of insecure IOT devices' to attack a DNS provider. Personally from my browsing habits, I was largely effected by Twitter being dramatically slow while other sites felt little sluggish. Anyways, this brings us to a number of question(s), Should I be surprised? I think NO. We knew this sh*...
Read more

The infamous issue of target _blank code

This is one of those vulnerabilities which hasn't got enough spotlight, and therefore vendors are still reluctant to fix it. Some of the vendors do not consider this a vulnerability at all. Here via this blog post, I would like to highlight this issue, and also possible workaround(s). What is "target="_blank"? If you have done the HTML coding you must be aware of the target=_blank when you write...
Read more

Linux Issue with TCP ACK (Part 1)

A flaw in the Linux kernel[1] used since late 2012 allows adversaries to inject malicious traffic, without MITM. In a Wednesday presentation at the USENIX Security Symposium researchers showed that this flaw lies in the Transmission Control Protocol (TCP) used by Linux since late 2012. In their research paper - Off-Path TCP Exploits: Global Rate Limit Considered Dangerous, the researchers document possible use cases, and attack scenarios on how this global limit be...
Read more

Lessons from LinkedIn DB Breach

We are aware that social networking site LinkedIn was breached in June, 2012 and nearly 6 million user credentials were stolen. In May 2016 it's confirmed that nearly 115+ million credentials were stolen, and are now available for sale. So, it's time we revisit what went wrong, and what can we learn from it. First and foremost, there were vulnerabilities (or at-least one) in the web-application and the way it queries the DB was...
Read more

NIST view on Cyber Threat Information Sharing

Reference: 800_150_Draft Document Note: This article summarizes the draft paper, and may contain snippet(s) from it. I love you NIST (National Institute of Standards and Technology). I admire the contribution and knowledge available @NIST and we all have gained a lot from these standards. Now, when I read the draft on “Cyber Threat Information Sharing” (SP800-150) my first reaction was – Oh good God, finally its here! Its been so long I...
Read more