Articles about Exploits

Tin-rattlers want to digitise lady engineers' historic exploits

The UK's Women's Engineering Society (WES) is indulging in some light tin-rattling aimed at digitising almost 100 years of the Women Engineer Journal. WES was formed in 1919 as a response to female exclusion from engineering's professional bodies, and quickly published the first issue of what would become the quarterly Women …
Lester Haines, 02 Apr 2015

Exploits no more! Firefox 26 blocks all Java plugins by default

The latest release of the Firefox web browser, version 26, now blocks Java software on all websites by default unless the user specifically authorizes the Java plugin to run. The change has been a long time coming. The Mozilla Foundation had originally planned to make click-to-run the default for all versions of the Java plugin …
Neil McAllister, 10 Dec 2013

NSA spooks tooled up with zero-day PC security exploits from the FRENCH

The NSA bought specialist computer hacking tools and research from French security outfit Vupen, according to documents unearthed using the Freedom of Information Act. A contract shows the American spooks paid for a year's supply of zero-day vulnerability information and the software needed to exploit those flaws to attack …
John Leyden, 17 Sep 2013

Vulns, exploits, hacks: Trusteer touts tech to terminate troubles

Infosec 2013 Trusteer is expanding from its speciality of providing transaction protection security to financial institutions with an enterprise-level product designed to guard against zero-day exploits and social engineering. Unpatched application vulnerabilities in widely deployed endpoint applications (such as web browsers) can be given …
John Leyden, 24 Apr 2013
The Kremlin in Moscow. Pic: Pavel Kazachkov

Kremlin hackers exploited TWO 0-day Flash, Windows vulns

A hacking group probably backed by Russia has been making use of two zero-day exploits to target foreign governments. The so-called "Operation RussianDoll" attackers used zero-day exploits in Adobe Flash and Windows to target a specific foreign government organisation. Security firm FireEye says the pattern of the attacks fits …
John Leyden, 20 Apr 2015
More flaws found in Java

It's about time: Java update includes tool for blocking drive-by exploits

Oracle's latest update to the Java SE Development Kit (JDK) version 7 adds new security features designed to help businesses avoid being stung by critical vulnerabilities in out-of-date versions of Java. After a string of embarrassing Java security flaws was disclosed by independent researchers, Oracle has made addressing …
Neil McAllister, 13 Sep 2013
Cloud security image

Blackhat hack trick wallops popular routers

A cybercrime vigilante known as Kafeine says criminals are hitting thousands of victims with a hacking tool that targets more than 40 router models. The well-known hacker says the novel attacks use cross-site request forgery and exploits against new and old bugs to change router DNS settings. This bypasses the need to target …
Darren Pauli, 26 May 2015
Flash Gordon

Attackers sling recent Flash 0day through 1800 domains

Some 1800 subdomains have been found slinging the Angler exploit kit using Adobe's most recent Flash zero day exploit, Cisco researcher Nick Biasini says. The lion's share of nasty subdomains were set up on 28 and 29 January and tied to about 50 GoDaddy registrant accounts. Biasini said the malvertising attacks used several …
Darren Pauli, 04 Feb 2015
container_ship_hamburg_shutterstock_648

US plans to apply export controls to 0-days put out for comment

US proposals for export controls for zero-day vulnerabilities and malware have finally been pushed forward, re-opening the fault lines of a long-running argument among security experts in the process. The proposals (pdf) from the US Department of Commerce would introduce the Wassenaar Arrangement (WA) – an international …
John Leyden, 20 May 2015
The Register breaking news

Samsung's smart TVs 'wide open' to exploits

Samsung's Smart TV has a vulnerability which allows remote attackers to swipe data, according to security researchers. Malta-based security start-up ReVuln claims to have discovered a zero-day vulnerability affecting Smart TV, in particularly a Samsung TV LED 3D. Smart TV can be used to browse the internet, use social networks …
John Leyden, 12 Dec 2012

Biter bitten as hacker leaks source code for popular exploit kit

A black hat trouble maker appears to have released recent source code for one of the most popular exploit kits, malware-probers say. The dump was posted online by a user known as (@EkMustDie) before it was removed. The leaker appears to have previously tried to sell access to the exploit kit. Independent malware investigators …
Darren Pauli, 13 Feb 2015
Scrooge McDuck

Frontier wipes credit of Elite: Dangerous 'billionaire' badboys

Players of the game Elite: Dangerous who were made overnight "billionaires" due to a credit refund glitch will get their "winnings" wiped, the game's maker, Frontier Developments, has said. Initially the company offered the affected "commanders" a choice over whether they kept their loot or had their credit reset in order to …
Kat Hall, 08 Jan 2015
Good riddance to bad Java

NINETY PER CENT of Java black hats migrate to footling Flash

RSA 2015 Almost every Java-hacking black hat is now popping Adobe Flash, after Microsoft's hard-line patch policy made it harder to target software such as Java. The stricken scum now face a choice: work harder to find Java zero-days or abandon ship and start exploiting old Flash bugs. Redmond's security brains trust – Tim Rains, Matt …
Darren Pauli, 27 Apr 2015
Apple Watch Sport

Too much Appley WRISTJOBBERY could be BAD for your HealthKit

Users of Apple's healthcare data app platform - intended to allow developers access to healthcare info collected via its wristy gizmo - could be left wide open to security exploits, infosec bods have warned. The ResearchKit and HealthKit platform is intended to allow health researchers to aggregate information collected from iOS …
Kat Hall, 06 May 2015

Dangerous NTP hole ruins your Chrissy lunch

Critical holes have been reported in the implementation of the network time protocol (NTP) that could allow unsophisticated attackers root access on servers. System administrators may need to forego the Christmas beers and roasted beasts until they've updated NTP daemons running versions 4.2.8 and below. The grinch bug was …
Darren Pauli, 22 Dec 2014

France fingered as source of Syria-spying Babar malware

France's spy agency has been fingered as the likely author of complex reconnaissance malware, researchers say. The Casper malware is one of a handful with links to the Babar spy program which leaked NSA documents revealed last month to be the handiwork of France's Direction Générale de la Sécurité Extérieure (General Directorate …
Darren Pauli, 06 Mar 2015

Bad romance: Ransomware, exploit kits in criminal cuddle

The lowlifes behind the Cryptowall ransomware seem to have decided it's no longer worth developing their own exploit kits. Instead, according to analysis by Cisco, they're relying on other popular exploits to distribute the malware. The ransomware was considered one of the most effective ransomware offerings that encrypted a …
Darren Pauli, 10 Feb 2015

Hackers fear arms control pact makes exporting flaws illegal

Export regulations that threaten to hinder vulnerability research and exploit development have put hackers on edge ahead of the annual Pwn2Own contest. Operators of the hack-fest have reportedly issued an email warning to researchers to obtain legal advice about how the Wassenaar Arrangement, a 42-nation effort aimed at " …
Darren Pauli, 16 Feb 2015

It's 2015 and a RICH TEXT FILE or a HTTP request can own your Windows machine

Microsoft has delivered its latest monthly batch of security updates to address flaws in Windows, Office and Internet Explorer. Redmond's latest Patch Tuesday payload includes 11 bulletins, four of which are rated critical as they allow attackers to execute malicious code on victims' computers from across the internet. The full …
Shaun Nichols, 15 Apr 2015

APT devs are LOUSY coders, says Sophos

The most infamous advanced persistent threat groups write exploits that fail more often than they work, malware bod Gabor Szappanos says. The malware prober with SophosLabs Hungary office examined 15 exploit writing groups and rated six as having only basic skills. Szappanos found one popular exploit (CVE-2014-1761) used as a …
Darren Pauli, 05 Feb 2015
The Register breaking news

Crims prefer old exploits: Microsoft

While media around the world are excited by the announcement of every new zero-day vulnerabilities, attackers yawn, according to Microsoft. Presenting Volume 11 of its Security Intelligence Report at the RSA Conference in Europe on October 11, Microsoft pointed out that less than one percent of the attacks its report identified …

Sysadmins, patch now: HTTP 'pings of death' are spewing across web to kill Windows servers

The SANS Institute has warned Windows IIS web server admins to get patching as miscreants are now exploiting a flaw in the software to crash websites. The security bug (CVE-2015-1635) allows attackers to knock web servers offline by sending a simple HTTP request. Microsoft fixed this denial-of-service vulnerability on Tuesday …
Iain Thomson, 16 Apr 2015

Cisco plugs remote code execution flaw in UCS Central control freak

Cisco has patched a remote code execution bug that could give attackers root privileges on its Unified Computing System (UCS) Central software used by more than 30,00 organisations. The UCS data centre server platform joins hardware, virtualisation, networking and software into one system. Versions 1.2 and below are affected. …
Darren Pauli, 08 May 2015

'Domain shadowing' hijacks registrar accounts to spawn attack sites

Fiends behind the world's most infamous exploit kit Angler are stealing login credentials to create tens of thousands of pop-up domains used in hit-and-run -style attacks. The new attacks are dubbed 'Domain Shadowing' and represent the latest evolution of online crime in which scores of web sites are set up to compromise victims …
Darren Pauli, 05 Mar 2015
Computer with dead bug, Stacy Brunner CC2 license

SAP crypto offers customers choice of remote code execution or denial of service

Yet another proprietary implementation of a popular protocol has turned up unexpected vulnerabilities, with SAP's data compression software open to remote code execution and denial-of-service exploits. The implementation in question is SAP's code running the popular LZC and LZH compression algorithms. As outlined over at Full …

Google guru: Android doesn't have malware, it has Potentially Harmful Applications™ instead

RSA 2015 Malware doesn't exist on Android, Google says, but Potentially Harmful Applications™ do. That linguistic flip is one of many at play in the Chocolate Factory's Android security division, which has dumped various general infosec terms overboard. Lead Android engineer Adrian Ludwig told the RSA Conference in San Francisco today …
Darren Pauli, 21 Apr 2015

Oracle releases July patch batch... with 27 fixes for remote exploits

Oracle has pushed out a quarterly patch batch of 89 updates that mean almost all of its enterprise software products need updating for one reason or another. Craig Young, a security researcher at Tripwire, noted that most of the vulnerabilities were picked up by third-party researchers. “The constant drumbeat of critical Oracle …
John Leyden, 17 Jul 2013

Pay-by-bonk chip lets hackers pop all your favourite phones

Blood is flowing on the floor of the Pwn2Own challenge slaughterhouse, after whitehats hacked their way through an Apple iPhone 5S, Samsung Galaxy S5, LG Nexus 5 and Amazon Fire, most often by using Near Field Communications. The annual contest backed by HP, BlackBerry and Google, and run by HP's Zero Day Initiative …
Darren Pauli, 13 Nov 2014

DEFCON 23 to host Internet of Things slaughterfest

The Internet of Things (IoT) will, come August, be torn apart in a new hacking slaughterfest announced for DEFCON 23. The contest run by the brains behind the router-smashing SOHOplessly Broken challenge aims to stain the carpet with the blood of internet accessible gadgets and junk as hackers tear apart devices to capture flags …
Darren Pauli, 06 May 2015
Wall of Spam. Pic: freezelight

Wordpress munching contagion turns Linux servers into spam bots

The Mumblehard malware is turning Linux and BSD server into spam-spewing zombies. Security researchers at ESET have logged over 8,500 unique IP addresses during a seven-month research period looking into the junk-mail-linked malware menace. Mumblehard is made up of two different components. The first component is a generic …
John Leyden, 01 May 2015

EXTREME COUPONING zeros checkout carts in eBay's Magento

Hacker Netanel Rubin has found a critical remote vulnerability in Ebay's web commerce platform Magento that affects 88,000 shops and allows buyers to purchase anything for free, and compromise credit cards and personal data. The CheckPoint vulnerability hunter says many tat bazaar stores are still exposed to the bug that allows …
Darren Pauli, 28 Apr 2015
Stuxnet

Oi! Rip Van Winkle: PATCH, already

Nearly 20 million computers remain infected with malware targeting a vulnerability first targeted four years ago by the Stuxnet worm. The flaw (CVE-2010-2568) was a Windows operating system bug in the way shortcuts worked allowing quiet download of the random dynamic library on Win Server 2003 and XP through to version 7. Since …
Darren Pauli, 20 Aug 2014
The Office

Office MACROS PERIL! Age-old VBScript tactic is BACK in biz attack

The dangers of allowing Office macros have been underlined by a newly discovered attack against European and Israeli companies. Malicious Office macros were used as the launchpad of the so-called RocketKitten attacks presented at this year's Chaos Communication Congress hacking conference (stream here, relevant material starts …
John Leyden, 31 Dec 2014

Your hard drives were RIDDLED with NSA SPYWARE for YEARS

The US National Security Agency (NSA) infected hard disk firmware with spyware in a campaign valued as highly as Stuxnet that dates back at least 14 years and possibly up to two decades – all according to an analysis by Kaspersky Labs. The campaign infected possibly tens of thousands of Windows computers in telecommunications …
Darren Pauli, 17 Feb 2015

Public exploit crashes Minecraft servers

A huffy hacker has published detailed steps for anyone to pull off an 'easy' Minecraft exploit capable of causing servers to crash. Developer Ammar Askar dropped the hack which allows attackers to send malformed packets that can crash Minecraft servers by exhausting its memory. The exploit publication comes two years after …
Darren Pauli, 17 Apr 2015
Ancient skull found in cave in northern Laos

Siemens issues emergency SCADA patch

Got Siemens SCADA? Get patching: the company has issued updates for software using its WinCC application to plug a bunch of remotely-exploitable vulnerabilities. According to the ICS-CERT advisory, versions of the company's SIMANTIC WinCC, SIMANTIC PCS7 and TIA Portal V13 (which includes a WinCC runtime) are all vulnerable. …
Don Draper is sad

Ad bidding network caught slinging ransomware

Attackers are using Flash exploits and foisting ransomware through real time advertising bidding networks, FireEye researchers say. The attacks link to malicious or compromised advertising sites which participate in real time bidding systems in which ad inventory is sold to and by publishers. More than 1700 malicious …
Darren Pauli, 11 Mar 2015

Hacker catches Apple's Lightning in a jailbroken bottle

Apple's Lightning connector protocols have been pried open in what could be a boon for the jailbreaking community. The hack opens access to Apple's serial kernel debugger, previously available on older iDevices, and reportedly gives jailbreak engineers an improved ability to debug kernel issues and iBoot exploits. Apple …
Darren Pauli, 16 Feb 2015

Noooo... WAIT. Google slaps on Chrome patches ahead of Pwn2Own hackfest

Pwn2Own Google trowelled plaster over seven security cracks in Chrome on Tuesday, a day before the browser became one of the targets at the annual Pwn2Own hacking competition. The latest cross platform security update for Chrome fixed four "high" severity flaws and three lesser bugs. Three of the four high profile bugs were discovered …
John Leyden, 13 Mar 2014
Hacker image

Psst, hackers. Just go for the known vulnerabilities

Despite all the publicity about zero-day exploits, a big percentage of breaches (44 per cent) come from vulnerabilities which are two to four years old. Server misconfigurations were the number one vulnerability, according to the latest edition of HP’s annual Cyber Risk Report, which concludes that well-known issues posed the …
John Leyden, 23 Feb 2015
Facebook security

Facebook slings $50k Internet Defense Prize™ at bug hunter duo

Facebook and Usenix have together created the Internet Defense Prize™ – and awarded its first gong to security bods Johannes Dahse and Thorsten Holz. The pair, of Ruhr University Bochum in Germany, received $50,000 from Facebook's prize-giving committee for their paper, Static Detection of Second-Order Vulnerabilities in Web …
Darren Pauli, 21 Aug 2014
Fraud image

Webcam-snooping spawn of ZeuS hits 150 banks worldwide

The latest evolution of the online bank account raiding Trojan ZeuS is the webcam-spying Chthonic malware, according to researchers. Chthonic infects Windows PCs, and allows criminals to connect to the compromised PC remotely and command it to carry out fraudulent transactions. The software nasty is targeting customers of more …
John Leyden, 19 Dec 2014

All Mac owners should migrate to OS X Yosemite 10.10.3 ASAP

Swedish hacker Emil Kvarnhammar has reported a since-fixed four-year-old local root 'backdoor' OS X that allows remote attackers to increase the damage of their hacks. Kvarnhammar says the unpublished API, which he dubs a backdoor, grants root access to local users on unpatched boxes. The flaw (CVE-2015-1130) is fixed in Apple's …
Darren Pauli, 10 Apr 2015
Google Chrome warning

Google looks to scrape away scumware, as only it can

Google is looking to cut down on the risk of attacks from web pages serving up unwanted downloads. The company said on Monday that it will add security protections into Chrome, Ads and Google Search in an effort to keep users away from sites believed to be installing adware, browser toolbars and other nuisance programs. For …
Shaun Nichols, 24 Feb 2015
Good riddance to bad Java

Now even Internet Explorer will throw lousy old Java into the abyss

Internet Explorer will soon join its rival browsers by automatically blocking old, insecure add-ons – and it's got its eye set squarely on Java. Microsoft said on Wednesday that starting on August 12, Internet Explorer will begin alerting users when web pages try to launch ActiveX controls that are considered out-of-date and …
Neil McAllister, 07 Aug 2014
Brute Force

Brute force box lets researchers, Cops, pop iDevice locks

Apple fans have more reason to update to iOS 8.2 with the discovery of a device used in the computer repair industry that automates password exploitation. The IP-Box tool exploits CVE-2014-4451 to conduct unlimited password guesses against iOS devices on 8.1 and below for iPhones and iPads. A barrage of PINs are entered by …
Darren Pauli, 16 Mar 2015

Dev put AWS keys on Github. Then BAD THINGS happened

Bots are crawling all over GitHub seeking secret keys, a developer served with a $2,375 Bitcoin mining bill found. DevFactor founder Andrew Hoffman said he used Figaro to secure Rails apps which published his Amazon S3 keys to his GitHub account. He noticed the blunder and pulled the keys within five minutes, but that was …
Darren Pauli, 06 Jan 2015
Good riddance to bad Java

Chrome version 42 will pour your Java coffee down the drain: Plugin blocked by default

The latest release of the Chrome web browser, version 42, will block Oracle's Java plugin by default as well as other extensions that use the deprecated NPAPI. The Chrome 42 – available now – brings about the end of official support for NPAPI, a move that will render various plugins incompatible with the browser. Among those …
Shaun Nichols, 14 Apr 2015

Adobe finds, patches ANOTHER exploited Flash 0day

Another exploited zero-day vulnerability has been uncovered and patched in Adobe Flash, 24 hours after a second flaw in the popular web trinket was found being used in attack kits. Adobe is examining yesterday's zero day, picked up by French researcher Kafeine who spotted it after analysing a version of the popular Angler …
Darren Pauli, 23 Jan 2015
Rickmote

Chrome trumps all comers in reported vulnerabilities

More vulnerabilities were discovered in Google Chrome last year than any other piece of core internet software – that's according to research that also found 2014 clocked record numbers of zero-day flaws. The Secunia Vulnerability Review 2015 report [PDF] is built on data harvested by the company's Personal Software Inspector …
Darren Pauli, 26 Mar 2015