2018-10-31 News Feed

Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn2018-10-31

Happy Samhain!

New iPhone Passcode Bypass Found Hours After Apple Releases iOS 12.1
https://thehackernews.com/2018/10/iphone-ios-passcode-bypass.html
#hackerstuff #HackThePlanet

Windows 10 Bug Let UWP Apps Access All Files Without Users’ Consent
https://thehackernews.com/2018/10/windows10-uwp-apps.html
#hackerstuff #HackThePlanet

WOW!
Employee infects US govt network with malware after visiting 9,000 porn sites

Employee infects US govt network with malware after visiting 9,000 porn sites

#hackerstuff #HackThePlanet

Bloom Password Filter Patent
https://www.openwall.com/lists/passwords/2018/10/29/1
#hackerstuff #HackThePlanet

A-Simple-Rogue-Device-Scanner – A simple python program that ping sweeps your network at a certain interval and logs new devices.
https://github.com/Th3J0kr/A-Simple-Rogue-Device-Scanner
#hackerstuff #HackThePlanet

Emotet Awakens With New Campaign of Mass Email Exfiltration
https://blog.kryptoslogic.com/malware/2018/10/31/emotet-email-theft.html
#hackerstuff #HackThePlanet

Tweetable Exploit for X.org Server Local Privilege Escalation (CVE-2018-14665) Released
https://www.tenable.com/blog/tweetable-exploit-for-x-org-server-local-privilege-escalation-cve-2018-14665-released
#hackerstuff #HackThePlanet

Kernel RCE caused by buffer overflow in Apple’s ICMP packet-handling code (CVE-2018-4407)
https://lgtm.com/blog/apple_xnu_icmp_error_CVE-2018-4407
#hackerstuff #HackThePlanet

Project Dribble: hacking Wi-Fi with cached JavaScript
https://rhaidiz.net/2018/10/25/dribble-stealing-wifi-password-via-browsers-cache-poisoning/
#hackerstuff #HackThePlanet

2018-10-30 News Feed

Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn2018-10-30

Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer
https://thehackernews.com/2018/10/microsoft-office-online-video.html
#hackerstuff #HackThePlanet

Signal Secure Messaging App Now Encrypts Sender’s Identity As Well
https://thehackernews.com/2018/10/signal-secure-messaging-metadata.html
#hackerstuff #HackThePlanet

Kali Linux 2018.4 Release
https://www.kali.org/news/kali-linux-2018-4-release/
#hackerstuff #HackThePlanet

CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains

CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains

#hackerstuff #HackThePlanet

.:: Phrack Magazine ::. Viewer Discretion Advised
http://phrack.org/papers/viewer_discretion_advised.html
#hackerstuff #HackThePlanet

Facebook’s New ID Verification System Is Intrusive

Facebook’s New ID Verification System Is Intrusive

#hackerstuff #HackThePlanet

Mac cryptocurrency ticker app installs backdoors

Mac cryptocurrency ticker app installs backdoors

#hackerstuff #HackThePlanet

Malware sample library
https://github.com/mstfknn/malware-sample-library
#hackerstuff #HackThePlanet

Attacking Google Authenticator
https://www.unix-ninja.com/p/attacking_google_authenticator
#hackerstuff #HackThePlanet

2018-10-29 News Feed

Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn2018-10-29

IBM Buys “Red Hat” Open-Source Software Company for $34 Billion
https://thehackernews.com/2018/10/ibm-redhat-tech-acquisition.html
#hackerstuff #HackThePlanet

Fuxploider – File upload vulnerability scanner and exploitation tool
https://github.com/almandin/fuxploider
#hackerstuff #HackThePlanet

2018-10-24 News Feed

Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn2018-10-24

Hacker Discloses New Windows Zero-Day Exploit On Twitter
https://thehackernews.com/2018/10/windows-zero-day-exploit.html
#hackerstuff #HackThePlanet

Critical Flaws Found in Amazon FreeRTOS IoT Operating System
https://thehackernews.com/2018/10/amazon-freertos-iot-os.html
#hackerstuff #HackThePlanet

ProtonVPN Subscriptions Now Available on Firefox for $10
https://www.hackread.com/protonvpn-mozilla-firefox-subscriptions/
#hackerstuff #HackThePlanet

Vesta control panel servers infected with DDoS malware after supply chain attack

Vesta control panel servers infected with DDoS malware after supply chain attack

#hackerstuff #HackThePlanet

Personal data of 75,000 individuals exposed after HealthCare.gov system hack

Personal data of 75,000 individuals exposed after HealthCare.gov system hack

#hackerstuff #HackThePlanet

LIVE555 media streaming library hit by remote code execution flaw

LIVE555 media streaming library hit by remote code execution flaw

#hackerstuff #HackThePlanet

Bad to the Bot Bone
https://www.hackread.com/bad-to-the-bot-bone/
#hackerstuff #HackThePlanet

Swedish court tells ISP to block The Pirate Bay in the country

Swedish court tells ISP to block The Pirate Bay in the country

#hackerstuff #HackThePlanet

DEF CON Main Track Talks on YouTube!

#hackerstuff #HackThePlanet

testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws

testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws

#hackerstuff #HackThePlanet

Multiple 0days used by Magecart
https://gwillem.gitlab.io/2018/10/23/magecart-extension-0days/
#hackerstuff #HackThePlanet

Embedding Meterpreter in Android APK

Embedding Meterpreter in Android APK

#hackerstuff #HackThePlanet

jQuery-File-Upload <= 9.x Remote Code Execution (with ImageMagick/Ghostscript) https://blog.vulnspy.com/2018/10/23/jQuery-File-Upload-9-x-Remote-Code-Execution-With-ImageMagick-Ghostscript/ #hackerstuff #HackThePlanet

Osint With Recon-Ng

OSINT with Recon-ng

#hackerstuff #HackThePlanet

2018-10-18 News Feed

Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn2018-10-18

Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info
https://thehackernews.com/2018/10/tumblr-account-hacking.html
#hackerstuff #HackThePlanet

LuminosityLink Hacking Tool Author Gets 30-Months Prison Sentence
https://thehackernews.com/2018/10/hacking-tool-luminositylink.html
#hackerstuff #HackThePlanet

Authorities search & seize properties of GTA V’s “Infamous” cheat developers

Authorities search & seize properties of GTA V’s “Infamous” cheat developers

#hackerstuff #HackThePlanet

GreyEnergy: New malware targeting energy sector with espionage

GreyEnergy: New malware targeting energy sector with espionage

#hackerstuff #HackThePlanet

400% increase in cryptomining malware attacks against iPhones

400% increase in cryptomining malware attacks against iPhones

#hackerstuff #HackThePlanet

CVE-2018-18284: Ghostscript sandbox escape (also Tavis Ormandy is officially done with Ghostscript)
https://www.openwall.com/lists/oss-security/2018/10/16/2
#hackerstuff #feedly

Using Route 53 as Pentest Infrastructure
https://blog.stratumsecurity.com/2018/10/17/route-53-as-a-pentest-infrastructure/
#hackerstuff #HackThePlanet