Year: 2017 (Page 97)

Hacker hijacked more than 150,000 printers

On: February 11, 2017

For many of us hacking of printers seems to be next to impossible thing. But, a hacker has hacked more than 150,000 printers via the internet. The attack affected allRead More →

2 thoughts on “Code Execution in SQL Server via Fileless CLR-based Custom Stored Procedures”

On: February 11, 2017

In: Vulnerabilities

Recently I was given the task of performing command execution on a compromised MSSQL server with the following restrictions: No use of the xp_cmdshell stored procedure. No writing anything toRead More →

WhatsApp Brings Two-step Verification For 1.2 Billion Users, Here’s How To Enable It

On: February 11, 2017

In: Mobile Security

Short Bytes: WhatsApp has enabled two-step verification option for all its 1.2 billion users. After enabling this optional feature, any attempt to verify your phone on a smartphone will needRead More →

Quickly Add an .onion URL to Your Site with the Enterprise Onion Toolkit (EOTK)

On: February 10, 2017

In: Important, Incidents, Technology, Vulnerabilities

Security researcher and software engineer Alec Muffett has created a new project called the Enterprise Onion Toolkit (EOTK), which can help website owners add a .onion URL for their site’sRead More →

The next generation of cyber attacks — PDoS, TDoS, and others

On: February 10, 2017

In: Incidents

2016 was a landmark year in cyber security. The cyber landscape was rocked as Internet of Things (IoT) threats became a reality and unleashed the first 1TB DDoS attacks —Read More →

Every website that uses jQuery Mobile, and has any open redirect is vulnerable to XSS

On: February 10, 2017

In: Vulnerabilities

Every website that uses jQuery Mobile, and has any open redirect anywhere is vulnerable to cross-site scripting (XSS) attacks. The jQuery Foundation’s jQuery Mobile project is an HTML5-based framework that allowsRead More →

Ticketbleed flaw in F5 Networks BIG-IP appliances exposed to remote attacks

On: February 10, 2017

In: Important, Incidents, Malware, Vulnerabilities

F5 Networks BIG-IP appliances are affected by a serious vulnerability, tracked as CVE-2016-9244 and dubbed ‘Ticketbleed’ that exposes it to remote attacks The F5 Networks BIG-IP appliances are affected by aRead More →

DynA-Crypt not only Encrypts Your Files, but Also Steals Your Info

On: February 10, 2017

In: Malware, Vulnerabilities

A new ransomware called DynA-Crypt was discovered by GData malware analyst Karsten Hahn that not only encrypts your data, but also tries to steal a ton of information from a victim’s computer. Ransomware andRead More →

Owning a Locked OnePlus 3/3T: Bootloader Vulnerabilities

On: February 9, 2017

In: Vulnerabilities

In this blog post I disclose two vulnerabilities in the OnePlus 3/3T bootloader. The first one, CVE-2017-5626, is a critical severity vulnerability affecting OxygenOS 3.2-4.0.1 (4.0.2 is patched). The vulnerabilityRead More →

Fileless attacks against enterprise networks

On: February 9, 2017

In: Incidents, Malware

During incident response, a team of security specialists needs to follow the artefacts that attackers have left in the network. Artefacts are stored in logs, memories and hard drives. Unfortunately,Read More →

Year: 2017 (Page 97)

Hacker hijacked more than 150,000 printers

2 thoughts on “Code Execution in SQL Server via Fileless CLR-based Custom Stored Procedures”

WhatsApp Brings Two-step Verification For 1.2 Billion Users, Here’s How To Enable It

Quickly Add an .onion URL to Your Site with the Enterprise Onion Toolkit (EOTK)

The next generation of cyber attacks — PDoS, TDoS, and others

Every website that uses jQuery Mobile, and has any open redirect is vulnerable to XSS

Ticketbleed flaw in F5 Networks BIG-IP appliances exposed to remote attacks

DynA-Crypt not only Encrypts Your Files, but Also Steals Your Info

Owning a Locked OnePlus 3/3T: Bootloader Vulnerabilities

Fileless attacks against enterprise networks

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

MotW Bypassed: Zero Warning, Full Control – New WinRAR Flaw Silently Bypasses Windows Security

New Vulnerability in GCP Cloud Run Shows Why Least Privilege Isn’t Enough

Hackers Can Manipulate Your Heart Rate Monitor – Unbelievable Security Flaw!

FortiGate Firewalls Zero-Day Chaos: How Hackers Are Gaining Control of Firewalls Worldwide – Is Your Network at Risk?

How Hackers Can Hijack Your Device Without You Knowing – MediaTek’s RCE Flaw Explained

How TokenBreak Technique Hacks OpenAI, Anthropic, and Gemini AI Filters — Step-by-Step Tutorial

Comparing Top 8 AI Code Assistants: Productivity Miracle or Security Nightmare. Can You Patent AI Code Based App?

No Login Required: How Hackers Hijack Your System with Just One Keystroke: utilman.exe Exploit Explained

How to Send DKIM-Signed, 100% Legit Phishing Emails — Straight from Google That Bypass Everything

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

Five Techniques for Bypassing Microsoft SmartScreen and Smart App Control (SAC) to Run Malware in Windows

How Lynx Ransomware Extorts Millions from U.S. Companies

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]