2018-10-02 News Feed

Categories Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn

New iPhone Passcode Bypass Hack Exposes Photos and Contacts
https://thehackernews.com/2018/10/iphone-passcode-bypass-hack.html
#hackerstuff #hackThePlanet

GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers
https://thehackernews.com/2018/10/ghostdns-botnet-router-hacking.html
#hackerstuff #HackThePlanet

Telegram Calling Feature Leaks Your IP Addresses—Patch Released
https://thehackernews.com/2018/09/hack-telegram-messenger.html
#hackerstuff #HackThePlanet

Demonoid goes offline with owner missing in action for last two months

Demonoid goes offline with owner missing in action for last two months


#hackerstuff #HackThePlanet

CVE-2017-11176: A step-by-step Linux Kernel exploitation
https://blog.lexfo.fr/cve-2017-11176-linux-kernel-exploitation-part1.html
#hackerstuff #HackThePlanet

Ethical Hacking Master Class – 100+ Hours Bundle
https://hacking-school.teachable.com/p/ethical-hacking-master
#hackerstuff #HackThePlanet

1400+ Canadian Fast-Food Restaurant Locations Closed due to Malware Outbreak
https://www.cbc.ca/news/business/recipe-unlimited-swiss-chalet-east-side-mario-s-malware-outbreak-1.4845907
#hackerstuff #HackThePlanet

Collecting Shells by the Sea of NAS Vulnerabilities
https://blog.securityevaluators.com/collecting-shells-by-the-sea-of-nas-vulnerabilities-155a0bd7c525
#hackerstuff #HackThePlanet

2018-09-28 News Feed

Categories Annoyances, Hacker Shit, News Feed Stuff, Random Musings, Security Stuff

Julian Assange will no longer be the editor-in-chief of WikiLeaks
https://thehackernews.com/2018/09/wikileaks-kristinn-hrafnsson.html
#hackerstuff #HackThePlanet

Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit
https://thehackernews.com/2018/09/linux-kernel-exploit.html
#hackerstuff #HackThePlanet

16-Year-Old Boy Who Hacked Apple’s Private Systems Gets No Jail Time
https://thehackernews.com/2018/09/apple-server-hack.html
#hackerstuff #HackThePlanet

Pangu Hackers have Jailbroken iOS 12 on Apple’s New iPhone XS
https://thehackernews.com/2018/09/ios12-iphone-jailbreak-exploit.html
#hackerstuff #HackThePlanet

DEF CON 26 Voting Village Report Released!
https://defcon.org/images/defcon-26/DEF%20CON%2026%20voting%20village%20report.pdf
#hackerstuff #HackThePlanet

LPE on Linux – vmacache_flush_all() bug
https://bugs.chromium.org/p/project-zero/issues/detail?id=1664
#hackerstuff #HackThePlanet

Upgrade Your SSH Key to Ed25519
https://risan.io/upgrade-ssh-key-to-ed25519.html
#hackerstuff #HackThePlanet

Mimikatz bypass for Credential Guard on latest Win10 released live at Microsoft conf
https://github.com/gentilkiwi/mimikatz/releases/tag/2.1.1-20180925
#hackerstuff #HackThePlanet

Ghostbuster: Detecting the Presence of Hidden Eavesdroppers [pdf]
https://synrg.csl.illinois.edu/papers/ghostbuster-mobicom18.pdf
#hackerstuff #HackThePlanet

Hackers Stole 50 Million @Facebook Users’ Access Tokens Using Zero-Day Flaw
https://thehackernews.com/2018/09/facebook-account-hack.html
#hackerstuff #HackThePlanet

Twenty years of Escaping the Java Sandbox (Phrack Paper)
http://phrack.org/papers/escaping_the_java_sandbox.html
#hackerstuff #HackThePlanet

2018-09-27 News Feed

Categories Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn

VPNFilter Router Malware Adds 7 New Network Exploitation Modules
https://thehackernews.com/2018/09/vpnfilter-router-hacking.html
#hackerstuff #HackThePlanet

ex-NSA Hacker Discloses macOS Mojave 10.14 Zero-Day Vulnerability
https://thehackernews.com/2018/09/apple-macos-mojave-exploit.html
#hackerstuff #HackThePlanet

New Linux Kernel Bug Affects Red Hat, CentOS, and Debian Distributions
https://thehackernews.com/2018/09/linux-kernel-vulnerability.html
#hackerstuff #HackThePlanet

Banking trojan found in call recorder app on Play Store – stole over €10,000

Banking trojan found in call recorder app on Play Store – stole over €10,000


#hackerstuff #HackThePlanet

Vibing Your Way Through an Enterprise: How Attackers are Becoming More Sneaky

https://github.com/Tylous/Vibe

#hackerstuff #HackThePlanet

Cloudflare Encrypting SNI: Fixing One of the Core Internet Bugs
https://blog.cloudflare.com/esni/
#hackerstuff #HackThePlanet

A cache invalidation bug in Linux memory management
https://googleprojectzero.blogspot.com/2018/09/a-cache-invalidation-bug-in-linux.html
#hackerstuff #HackThePlanet

Blanket: a sandbox escape targeting iOS 11.2.6

Blanket is a sandbox escape targeting iOS 11.2.6


#hackerstuff #HackThePlanet

Siaberry’s Command Injection Vulnerability
https://blog.spaceduck.io/siaberry-1/
#hackerstuff #HackThePlanet

SQL injection, Oracle and full-width characters – Tomas Lažauninkas – Medium
https://medium.com/@Wflki/sql-injection-oracle-and-full-width-characters-13bb86fc034a
#hackerstuff #HackThePlanet

Executing Meterpreter in Memory on Windows 10 and Bypassing AntiVirus
https://www.n00py.io/2018/06/executing-meterpreter-in-memory-on-windows-10-and-bypassing-antivirus/
#hackerstuff #HackThePlanet

SSD Advisory – VirtualBox VRDP Guest-to-Host Escape

SSD Advisory – VirtualBox VRDP Guest-to-Host Escape


#hackerstuff #HackThePlanet

Bypassing Duo Two-Factor Authentication (Fail Open)
https://www.n00py.io/2018/08/bypassing-duo-two-factor-authentication-fail-open/
#hackerstuff #HackThePlanet

Using “magic” DNS-resolutions to track suspicious domains
https://blog.dcso.de/using-magic-dns-resolutions-to-track-suspicious-domains/
#hackerstuff #HackThePlanet

Gaining Shell using Server Side Template Injection (SSTI)
https://medium.com/@david.valles/gaining-shell-using-server-side-template-injection-ssti-81e29bb8e0f9
#hackerstuff #HackThePlanet

cspparse: A tool to evaluate Content Security Policies.
https://github.com/C0RB3N/cspparse
#hackerstuff #HackThePlanet

BYOB (Build Your Own Botnet)
https://github.com/malwaredllc/byob
#hackerstuff #HackThePlanet

Effortless security feature detection with Winchecksec
Effortless security feature detection with Winchecksec
#hackerstuff #HackThePlanet

2018-09-26 News Feed

Categories Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn

Ex-NSA Developer Gets 5.5 Years in Prison for Taking Top Secret Documents Home
https://thehackernews.com/2018/09/nsa-secret-hacking-tools.html
#hackerstuff #HackThePlanet

Linux kernel universal heap spray
https://cyseclabs.com/blog/linux-kernel-heap-spray
#hackerstuff #HackThePlanet

Authentication bypass vulnerability in Western Digital My Cloud allows escalation to admin privileges
https://www.securify.nl/advisory/SFY20180102/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges.html
#hackerstuff #HackThePlanet

Disarm a Home Security System – HackRF/Universal Hacker Radio
https://safekeepcybersecurity.github.io/posts/2018/09/homehack_urh/
#hackerstuff #HackThePlanet

2018-09-25 News Feed

Categories Hacker Shit, News Feed Stuff, Random Musings, Security Stuff, Stuff To Learn

Malware hits Freelancers at Fiverr and Freelancer.com

Malware hits Freelancers at Fiverr and Freelancer.com


#hackerstuff #HackthePlanet

Juicy Potato: A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
https://ohpe.it/juicy-potato/
#hackerstuff #HackthePlanet

Tencent security engineer fined for Singapore Hotels Hack
Original: https://hk.saowen.com/a/6e3d908180fb701992fb60035e2a9fcdf8b1b52268516ae75882add040bd39d1
English: https://sg.news.yahoo.com/tencent-engineer-attending-cybersecurity-event-fined-hotel-wifi-hacking-112316825.html
#hackerstuff #HackthePlanet

Unlock a Mustang GT – HackRF/Universal Hacker Radio
https://safekeepcybersecurity.github.io/posts/2018/09/carhack_urh/
#hackerstuff #HackthePlanet

TruePolyglot: A polyglot file generator
https://truepolyglot.hackade.org/
#hackerstuff #HackthePlanet

Bitcoin Core Software Patches a Critical DDoS Attack Vulnerability
https://thehackernews.com/2018/09/bitcoin-core-software.html
#hackerstuff #HackThePlanet

Deep Analysis of a Driver-Based MITM Malware: iTranslator
https://www.fortinet.com/blog/threat-research/deep-analysis-of-driver-based-mitm-malware-itranslator.html
#hackerstuff #HackThePlanet