Thursday, March 30, 2017

Mirai Variant Launches 54-Hour DDoS Attack That Generated 2.8 Billion Requests Against a US College

A Mirai variant launched a continuous DDoS attack against an unnamed college in the U.S. that lasted 54 hours, and researchers believe it is a new variant of Mirai, one that is “more adept at launching application layer assaults.”
Researchers reported that the traffic flow was around “30,000 RPS and peaked at around 37,000 RPS”, and with around “2.8 Billion Requests” it is one of the highest volumes of bot traffic in the Mirai botnet’s history.

Around 8 Million Websites Affected by a Critical Buffer Overflow Vulnerability in IIS 6.0

Internet Information Services (IIS) is an extensible web server made by Microsoft for use with the Windows NT family. IIS can help you achieve better performance, reliability, scalability, and security for your websites.
The IIS 6.0 zero-day flaw was found by two researchers from the Information Security Lab and School of Computer Science and Engineering, South China University of Technology, Guangzhou, China, who published proof-of-concept exploit code on GitHub.
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with.

Tuesday, March 28, 2017

Network Penetration Testing Checklist

Network penetration testing determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems and services, and grabbing system banners.
The pen test helps administrators close unused ports, remove unnecessary services, hide or customize banners, troubleshoot services and calibrate firewall rules. You should test in every way possible to guarantee there is no security loophole.
Let’s see how to conduct a step-by-step network penetration test using some well-known network scanners.

Sunday, March 26, 2017

New Attack Called “XSSJacking” Discovered That Combines Clickjacking, Pastejacking and Self-XSS Attacks



A new attack method called “XSSJacking”, a web application attack that combines Clickjacking, Pastejacking and Self-XSS, was discovered by security researcher Dylan Ayrey.

Where a Clickjacking vulnerability exists on a particular page, this attack uses it to trigger Self-XSS.


“SelfXSS is a social engineering attack used to gain control of victims’ web accounts. In a selfXSS attack, the victim of the attack accidentally runs malicious code in his/her own web browser, thus exposing it to the attacker.”

Read More at GBhackers On Security



87 Fake Minecraft Mods Reaching Up to 990,000 Android Users Spotted on Google Play Store

Malicious apps hosted on the Google Play Store are a never-ending story; researchers from Zscaler and ESET reported dozens of apps that contain aggressive adware strains.
These fake mods reached up to 990,000 installs and were split into two categories:

  • An ad-displaying downloader – Android/TrojanDownloader.Agent.JL.
  • An app that redirects the user to scam websites – Android/FakeApp.FG.

Saturday, March 25, 2017

A Penetration Testing Checklist For Linux Machine – Intrusion Discovery

Since we have already discussed A Penetration Testing Cheat Sheet For Windows Machine – Intrusion Detection,

here we will see the most important Linux machine pentesting checklist. On a periodic basis (daily, weekly, or each time you log on to a system you manage), run through these checks to look for anomalous behaviour that may be caused by a computer intrusion. Each of these commands runs locally on a system.

Read More at GBHackers On Security


GiftGhostBot Botnet Attacked Nearly 1,000 Online E-Commerce Stores

A botnet specialized in gift card fraud is using the infrastructure of nearly 1,000 websites to check the balance of several types of electronic gift cards in order to defraud legitimate card owners.

Distil Networks, a cybersecurity firm specialized in bot attack detection, monitoring, and mitigation, says the botnet, nicknamed GiftGhostBot, started its attacks on February 26, 2017.


It is a card cracking or token cracking attack. This means fraudsters are using automation to test a rolling list of potential account numbers and request the balance for each one. If a balance is returned, the bot operator knows that the account number exists and contains funds.
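The enumeration pattern described above has a recognisable shape in a merchant's own logs: one source touches many distinct card numbers and most lookups miss, whereas a real shopper checks one or two cards they hold. The following added example (not Distil's or the merchant's code) assumes a hypothetical balance-check endpoint `/giftcard/balance` whose access log records timestamp, client IP, masked card number and lookup result; the log lines are constructed for the example. It flags sources that exceed both a distinct-card count and a miss ratio inside a sliding time window, the two signals that separate card cracking from normal use.

```python
"""Spot gift-card balance-check enumeration ("card cracking") in web logs.

Assumes a hypothetical endpoint /giftcard/balance that logs, per request:
<timestamp> <client ip> <path> card=<masked number> result=FOUND|NOT_FOUND
The sample log below is constructed, not real traffic.
"""
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample log: two ordinary shoppers checking their own cards,
# and one bot source walking 30 candidate numbers in 30 seconds (one hit).
SAMPLE_LOG = [
    "2017-02-26T10:00:00Z 198.51.100.5 /giftcard/balance card=****1042 result=FOUND",
    "2017-02-26T10:02:10Z 198.51.100.5 /giftcard/balance card=****1042 result=FOUND",
    "2017-02-26T10:01:30Z 192.0.2.88 /giftcard/balance card=****7731 result=FOUND",
] + [
    f"2017-02-26T10:00:{i:02d}Z 203.0.113.9 /giftcard/balance "
    f"card=****{i:04d} result={'FOUND' if i == 17 else 'NOT_FOUND'}"
    for i in range(30)
]


def parse_line(line):
    """Split one access-log line into a record dict."""
    ts, ip, path, card, result = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc),
        "ip": ip,
        "path": path,
        "card": card.split("=", 1)[1],
        "found": result.split("=", 1)[1] == "FOUND",
    }


def detect_card_cracking(lines, window_seconds=300, min_distinct_cards=10, min_miss_ratio=0.5):
    """Return {ip: stats} for sources whose balance checks look like enumeration.

    Within any window of window_seconds, a source is flagged when it has
    queried at least min_distinct_cards different card numbers AND at
    least min_miss_ratio of those lookups returned NOT_FOUND. Requiring
    both avoids flagging a shopper who mistypes a number a few times.
    """
    per_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec["path"] == "/giftcard/balance":
            per_ip[rec["ip"]].append(rec)

    flagged = {}
    for ip, recs in per_ip.items():
        recs.sort(key=lambda r: r["ts"])
        start = 0
        for end in range(len(recs)):
            # Advance the window start so the window spans at most window_seconds.
            while (recs[end]["ts"] - recs[start]["ts"]).total_seconds() > window_seconds:
                start += 1
            window = recs[start:end + 1]
            distinct = {r["card"] for r in window}
            misses = sum(1 for r in window if not r["found"])
            miss_ratio = misses / len(window)
            if len(distinct) >= min_distinct_cards and miss_ratio >= min_miss_ratio:
                # Keep the widest offending window seen for this source.
                if ip not in flagged or len(distinct) > flagged[ip]["distinct_cards"]:
                    flagged[ip] = {
                        "distinct_cards": len(distinct),
                        "requests": len(window),
                        "miss_ratio": round(miss_ratio, 2),
                    }
    return flagged


if __name__ == "__main__":
    for ip, stats in detect_card_cracking(SAMPLE_LOG).items():
        print(f"suspected card cracking from {ip}: {stats}")
```

The thresholds are deliberately conservative defaults; a merchant would tune `min_distinct_cards` and `window_seconds` against its own traffic, and a flagged source is a candidate for rate limiting or a challenge on the balance endpoint rather than an automatic block, since the bot described above is spread across many sources.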

Read More at GBHackers On Security

Apache Struts2 Remote Code Execution Vulnerability S2-046

Apache Struts is a free and open-source framework used to build Java web applications. This is not the first remote code execution vulnerability discovered in Apache Struts.

Apache Struts officially released a security bulletin pointing out that the Apache Struts2 Jakarta Multipart parser plug-in has a remote code execution vulnerability, tracked as CVE-2017-5638.

Read More at GBHackers On Security

Thursday, March 23, 2017

Possible credential attack vectors and ways to prevent credential based attacks

A password combined with a username forms a credential, and nearly everything we do online in our modern world requires credentials.
To be secure, you’re expected to give each of these accounts a strong, unique password that you change regularly and store in such a way that an attacker couldn’t make use of it if stolen. Furthermore, you should use a unique username too.
But in practice it is hard to remember usernames and passwords, and strong unique passwords are harder to create and to remember. Researchers from Palo Alto Networks released a white paper on credential-based attacks, which summarises the possible password attacks and the defence mechanisms we will see here.

Wednesday, March 22, 2017

How to Do Penetration Testing on Your WordPress Website: Detailed Explanation

WordPress is a free, open-source content management system based on PHP and MySQL. It is one of the most powerful and most widely used blogging tools.
As WordPress usage has so many ups and downs, it requires security improvement, so a penetration test is essential to find vulnerabilities and to secure your WordPress-powered blog.
Security researcher Daniel Cid says that in 2016 at least 15,769 WordPress websites, and probably more, were compromised. According to the Sucuri report, almost 78% of infected websites were built on the WordPress platform.

Tuesday, March 21, 2017

Chinese PUPs distributing Backdoored Drivers which affect Windows operating system

PUP (potentially unwanted program) packages that install along with Chinese software contain backdoors targeting English speakers. The backdoor was uncovered by the Malwarebytes research team while analyzing a China-developed WiFi hotspot application.

Distribution of Backdoor

These backdoors are being dropped by one of the major PUP bundler networks, and the bundler then runs the installation hidden with the argument /silent.
Installer SHA-256 Hash : B89017C2627CA80C68292453440CFCAE07A12798422737915F80F0720879C3D4

Read More at GBHackers On Security

A Penetration Testing Cheat Sheet For Windows Machine – Intrusion Detection

If your Windows machine has been compromised but you don’t know where to look for signs of the bad guys’ presence, this cheat sheet is intended to help Windows administrators and security personnel better carry out an in-depth examination of their system in order to look for indications of compromise.

Read More at GBHackers On Security


Friday, March 17, 2017

Ask.com Toolbar Compromised Twice in 2 Months, Second Attack Installed RAT

Ask Partner Network (APN) has been compromised twice within 2 months since November 2016. Researchers discovered it was delivering malware to computers running the Ask.com Toolbar.
The first attack took place in November and was reported by Red Canary, which discovered that Ask’s software was being co-opted by a malicious actor to execute malicious software on victims’ endpoints.
Once installed, the dropper would bring in secondary malware, including banking Trojans and other online-fraud tools.

Thursday, March 16, 2017

Web Server Penetration Testing Checklist

Web server pen testing is performed under 3 major categories: identify, analyse and report vulnerabilities such as authentication weaknesses, configuration errors and protocol-related vulnerabilities.
“Conduct a series of methodical and repeatable tests” is the best way to test the web server, and along with this to work through all of the different application vulnerabilities.

MajikPOS Dual Malware Targeting Businesses Across North America and Canada

A new PoS malware family has made its presence felt, targeting business systems across North America and Canada. The objective of PoS malware is to steal information related to financial transactions, including credit card information.
Trend Micro detected MajikPOS, a dual malware that uses a combination of PoS malware and a remote access Trojan (RAT) to attack its targets.
MajikPOS is named after its command and control (C&C) panel, which receives commands and sends exfiltrated information.

Drupal Releases Security Update for Multiple Vulnerabilities

Drupal is content management software. It’s used to build a considerable number of the websites and applications you use each day. Its tools help you build the versatile, structured content that dynamic web experiences require.
Drupal is a platform that the United States, London, France, and more use to communicate with citizens. It’s the system that media organizations like BBC, NBC, and MTV UK rely on to educate and engage the world.


WhatsApp & Telegram Accounts Compromised By New Vulnerability that Allowed Hackers to Take over Hundreds of Millions of Accounts

Check Point researchers compromised both the WhatsApp and Telegram chat applications, which are protected by end-to-end encryption. Both applications are designed with strong encryption that doesn’t allow anyone except the original participants to read the messages.

Check Point showed that the same mechanism was also the origin of the new critical vulnerability that allowed taking over the victim’s entire chat conversation on both online platforms, “WhatsApp Web and Telegram Web”.

“Super Malware” Steals Encryption Keys From Intel SGX Isolated Memory Fields

A research team from Graz University of Technology revealed a method that leaks encryption data from Intel SGX (Software Guard Extensions) enclaves, which are called isolated memory fields.
Intel SGX is a set of new instructions from Intel that allows user-level code to allocate private regions of memory, called enclaves, that, unlike normal process memory, are also protected from processes running at higher privilege levels.

Tuesday, March 14, 2017

Hancitor Makes First Appearance in Top Five Most Wanted Malware – February 2017

Hancitor has entered the top five of the ‘most wanted’ malware families worldwide for the first time, as reported by the Check Point Threat Intelligence Research Team.
Hancitor, also called Chanitor, is typically sent as a macro-enabled Office document in phishing emails carrying “important” messages, for example voicemails, faxes or invoices.

Monday, March 13, 2017

Hardware Firewall for Your USB Ports

The USG is a small, portable hardware USB firewall that isolates a potentially harmful device from your PC.

Created by New Zealander Robert Fisk, the USG supports mass storage (flash drives), keyboards, and mice. Future firmware revisions may add support for additional devices and features.

Read more at GBHackers On Security


Pre-Installed Malware Discovered in 38 Well-Known Android Devices Including Samsung, Lenovo, Nexus

The Mobile Threat Prevention team from Check Point Software discovered pre-installed malware in more than 30 Android smartphone models belonging to popular mobile companies such as Samsung, Lenovo, Nexus, Xiaomi, Asus, LG, Oppo and Vivo.

This is not the usual kind of malware that is downloaded to the device by an attacker behind the infection; it was pre-installed on the devices.


According to the Check Point report, the malware was installed when the manufacturer completed the installation of applications on the devices, so users ultimately received an infected device.

Read More at GBHackers On Security

These Google Play Apps Steal Your Instagram Credentials: Beware

ESET discovered 13 malicious apps that steal your Instagram credentials. These apps have been installed by almost 1.5 million users.

These 13 apps trick users by encouraging them to boost their Instagram followers. They are detected under the name Android/Spy.Inazigram.


According to the ESET report, the apps were phishing for Instagram credentials and sending them to a remote server.

Read more at GBHackers On Security

Thursday, March 9, 2017

Confide App Used by White House Staffers Found Vulnerable to MITM Attacks

Confide is an encrypted messaging application for Android and iOS, which is used by staffers in the White House for their secret communication.

Security experts from IOActive found multiple critical flaws while testing versions 4.0.4 for Android and 1.4.2 for Windows and OS X.

Read More at GBHackers On Security


Tuesday, March 7, 2017

WordPress 4.7.3 released with patch for six security issues, but not for CSRF

  1. Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs.
  2. Control characters can trick redirect URL validation. Reported by Daniel Chatfield.
  3. Unintended files can be deleted by administrators using the plugin deletion functionality. Reported by xuliang.
  4. Cross-site scripting (XSS) via video URL in YouTube embeds. Reported by Marc Montpas.
  5. Cross-site scripting (XSS) via taxonomy term names. Reported by Delta.
  6. Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources. Reported by Sipke Mellema.

Penetration Testing Android Application Checklist

Android has the biggest installed base of any mobile platform and is growing fast, every day. Besides, Android is emerging as the most widespread operating system in this respect for various reasons.

However, as far as security is concerned, no data related to new vulnerabilities that could lead to weak software on this platform is being revealed, even though this platform has an outstanding attack surface.

Read More at GBHackers On Security

Do You Know How Much Effort Google Dedicates to Cyber Security to Secure the Digital World?

Google always maintains an extremely strong security culture for data security, network security, cloud security and physical security. Google’s extreme level of security protection begins with hiring employees and extends to the biggest security breach investigations.

Employee background checks, security training, privacy events


Before they join Google staff, Google will verify an individual’s education and previous employment, and perform internal and external reference checks.

Read More at GBHackers On Security

More Than 100 Google Play Store Apps Infected with Malicious IFrames

iFrames are used to embed another document within the current HTML document. Malicious iFrames have been discovered in more than 100 Google Play Store Android applications.

Researchers from Palo Alto Networks said, “132 Android apps on Google Play infected with tiny hidden IFrames that link to malicious domains in their local HTML pages”.


The most popular one has more than 10,000 installs alone. Most likely the app developers’ development platforms were infected with malware that searches for HTML pages and injects malicious content at the end of the HTML pages it finds, the researchers said.

Read More at GBHackers On Security

Phishing Activity Trends Report for 4th Quarter 2016 – APWG

The APWG Phishing Activity Trends Report analyses phishing attacks reported to the APWG by its member organizations and its Global Research Partners, through the organization’s website at http://www.apwg.org, and by email submissions to reportphishing@antiphishing.org.

Phishing is a fraud mechanism that uses both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials.

The APWG also tracks the number of unique phishing sites.

That is currently determined by the unique base URLs of the phishing sites.

Read More at GBHackers On Security

Security Researcher Breaks Google’s ReCaptcha v2 using Google’s Own Tool

A researcher discovered “a logic vulnerability”, dubbed ReBreakCaptcha, for bypassing Google’s reCAPTCHA fields, which are used to prevent robots and abusive scripts from accessing sites, by using Google’s own Speech Recognition API.

According to the security researcher, the bypass technique, called ReBreakCaptcha, can be used to bypass Google’s reCAPTCHA v2 anywhere on the web.

Read More at GBHackers On Security

First Malware Family: “Dridex” Banking Trojan Integrates the AtomBombing Technique

IBM Security discovered samples of version 4.0 of the infamous “Dridex” banking Trojan (Dridex v4) that fully integrate the dangerous AtomBombing technique.

Dridex v4 is reported as the only Trojan encountered so far to use AtomBombing. IBM X-Force said it is already in use in active campaigns against U.K. banks.


But the main point is that the necessary steps should be taken before this hacking spreads to other countries’ banking sectors.

Read More at GBhackers On Security