Hacking the Western Digital MyCloud NAS
2018-01-05
Sometimes at Exploitee.rs, we look for fun devices to hack and sometimes the devices find us. Today we’re going to talk about a recent time where we found ourselves inRead More →
Apple confirms iPhone, Mac affected by Meltdown-Spectre vulnerabilities
2018-01-05
The iPhone maker has confirmed all Mac systems and devices running iOS are affected by the vulnerabilities, but also said there are currently no known exploits. Apple has issued a statement regardingRead More →
Privacy of location tracking device owners threatened by ‘Trackmageddon’ flaws
2018-01-04
A slew of online services used to manage GPS- and GSM-based location tracking devices have been found vulnerable to flaws that could allow attackers to hijack these devices and revealRead More →
Google Apps Script vulnerability could have opened the door for malware
2018-01-04
No user interaction required – and the exploit could’ve been used to distribute any form of malware. A vulnerability in Google Apps Script could have allowed attackers to use GoogleRead More →
Meltdown and Spectre vulnerabilities bring the computing apocalypse, and yes, you are screwed
2018-01-04
Earlier today, we reported on some shocking news — there is a serious vulnerability that affects Intel processors. To make matters worse, patching that vulnerability — now known as “Meltdown” —Read More →
Starbucks Customer Computers Hacked to Mine Bitcoin over Public WiFi
2018-01-03
Hackers in Argentina found a way to exploit computers over public WiFi and use them to mine bitcoin. How do we stay secure as public internet access becomes more common?Read More →
This Vulnerability in phpMyAdmin Lets An Attacker Perform DROP TABLE With A Single Click!
2018-01-02
Most of you are familiar about Cross Site Request Forgery (CSRF) vulnerability, it is one of the most common vulnerabilities; it was listed in OWASP Top 10 – 2013. Previously,Read More →
Web Trackers are now Exploiting Password Managers to Track User Behavior
2018-01-02
Password Managers have been around for quite some time, and most of us rely on them for managing our passwords across several websites. Services like LastPass, 1Pass, and KeePass haveRead More →
PROCESS DOPPELGÄNGING – GIVING HARD TIME TO AV VENDORS
2018-01-02
Recently security researcher’s from enSilo group presented new evasion technique called Process Doppelgänging at Blackhat Europe-2017. This technique bypasses most popular Antivirus, NGFW and EDR solutions present in the market. This techniqueRead More →
Liverpool Mexico website hijacks visitor computers/mobiles to mine cryptocurrency
2017-12-30
As the values of the largest cryptocurrencies have multiplied, so too have reports of digital-currency miners stealing resources to increase the profitability of their operations. Few weeks back, we reportedRead More →
ATMs running on Windows XP in Russia hacked by pressing ‘Shift’ key 5 times
2017-12-30
Security vulnerability found in ATM machines running Windows XP in Russia. All ATMs that are still running on Microsoft’s 16-year-old Windows XP operating system are at the risk of getting hackedRead More →
OSPF (Open Shortest Path First) Routing Protocol & Its Stages
2017-12-30
OSPF (Open Shortest Path First) is a link state routing Protocol, a type of the Internal Gateway Protocol (IGP), which was designed to scale and support more extensive networks. To findRead More →
TCP Bind Shell in Assembly (ARM 32-bit)
2017-12-29
In this tutorial, you will learn how to write TCP bind shellcode that is free of null bytes and can be used as shellcode for exploitation. When I talk aboutRead More →
How Memory Leaks Happen in a Java Application
2017-12-29
Introduction to Memory Leaks In Java Apps One of the core benefits of Java is the JVM, which is an out-of-the-box memory management. Essentially, we can create objects and the Java Garbage Collector willRead More →
Russia Might Be Hacking FBI And Stealing Fingerprints Of Millions, Says Report
2017-12-28
If a mere speculation is to be believed, the biometric data of millions of Americans could be at the risk of being compromised by Russian hackers. They could “even compromiseRead More →
HACKERS CAN RICKROLL THOUSANDS OF SONOS AND BOSE SPEAKERS OVER THE INTERNET
2017-12-28
PERHAPS YOU’VE BEEN hearing strange sounds in your home—ghostly creaks and moans, random Rick Astley tunes, Alexa commands issued in someone else’s voice. If so, you haven’t necessarily lost your mind.Read More →
The Wildly Popular Christmas Game That Got Mistaken for Spyware
2017-12-27
How ‘Elf Bowling,’ the incredibly popular viral game from 1999, became an early victim of what we might now call “fake news.” I know this sounds pretty crazy and dangerous,Read More →
THE WIFI REPEATER YOU PROBABLY HAVE ON YOUR BENCH
2017-12-27
Few things are as frustrating as a WiFi signal that drops in and out. On a public network it is bad enough but at home? Even if you can liveRead More →
BadRabbit Ransomware Decided to Avoid One Antivirus Vendor
2017-12-26
Security researchers are noticing something curious about Tuesday’s BadRabbit ransomware outbreak. Apparently, the malicious code is built to avoid encrypting PCs running antivirus from a certain vendor. Researchers at FireEye noticed the issueRead More →
Sednit update: How Fancy Bear Spent the Year
2017-12-26
The Sednit group — also known as Strontium, APT28, Fancy Bear or Sofacy — is a group of attackers operating since 2004, if not earlier, and whose main objective is to stealRead More →
