Articles about Exploits


Suspected Russian DNC hackers brew Mac trojan

Suspected Russian hackers fingered for hacking the United States Democratic National Committee (DNC) have brewed a trojan targeting Mac OS X machines in the aerospace sector, says Palo Alto researcher Ryan Olson. The malware relies on social engineering and exploits a well-known vulnerability in the MacKeeper security software …
Darren Pauli, 27 Sep 2016

Brain plague or estate agents? I know which I'd prefer in Virtual Reality

Life in a London firm is tough: it’s full of jewel heists, flying bullets and car chases. Well, this was the case during my last foray into Virtual Reality. London Heist is one of the showcase games for Sony’s PlayStation VR experience and it’s virtually perfect, making me feel like the lead in a Guy Ritchie gangster …
Lucy Orr, 26 Sep 2016

Report: NSA hushed up zero-day spyware tool losses for three years

Sources close to the investigation into how NSA surveillance tools and zero-day exploits ended up in the hands of hackers has found that the agency knew about the loss for three years but didn’t want anyone to know. Multiple sources told Reuters last night that the investigation into the data dump released by a group calling …
Iain Thomson, 23 Sep 2016

Hackers hijack Tesla Model S from afar, while the cars are moving

Video Chinese hackers have attacked Tesla electric cars from afar, using exploits that can activate brakes, unlock doors, and fold mirrors from up to 20 kilometres (12 miles) away while the cars are in motion. Keen Security Lab senior researchers Sen Nie, Ling Liu, and Wen Lu, along with director Samuel Lv, demonstrated the hacks …
Darren Pauli, 20 Sep 2016

BOFH: The case of the suspicious red icon

Episode 11 So I'm in the office by myself while the PFY is out doing... something... I guess... when one of our atypical difficult users comes in. "Just one question," he starts, interrupting the thought I started when he walked in on potential loopholes in the gun laws. "My browser has an icon which is red." "What's the icon?" I ask …
Simon Travaglia, 16 Sep 2016

Researcher says Patch Tuesday fix should have been made earlier

Security researcher Kafeine says one of this week's Microsoft patches addresses a vulnerability it knew of since last year, and may only have pulled the patching trigger after a spate of banking trojan attacks. The attacks utilised the low-level flaw (CVE-2016-3351) for cloaking purposes among an arsenal of exploits. The …
Darren Pauli, 16 Sep 2016

French hackers selling hidden .22 calibre pen guns on secret forums

French hackers are selling concealed weapons including so-called pen guns that fire .22 Long Rifle bullets on highly secretive crime forums, threat researcher Cedric Pernet says. Videos of the home-made pen guns scattered around the internet show the weapons in working use. The guns are being sold for €150 (US$169, £127, A$ …
Darren Pauli, 15 Sep 2016

$200k Android bug contest

Google has launched a new contest offering $200,000 to whoever can first find and report a remote-code execution bug in Android. Second place will get $100,000, and third at least $50,000. "The goal of this contest is to find a vulnerability or bug chain that achieves remote code execution on multiple Android devices knowing …
Chris Williams, 14 Sep 2016

US-CERT tells network operators to pay attention and harden up

The US-CERT is warning organisations to harden their networks, because resurgent malware plus the recent publication of powerful exploits proved too hot to ignore. The organisation says that threats like the leak of Equation Group Adaptive Security Appliance (ASA) tooling are bad enough by themselves, but warns plenty of …
Darren Pauli, 09 Sep 2016

Kaspersky to 1337 haxors: take down our power grid. We dare you

Kaspersky Labs is launching a capture-the-flag event at which hackers will have the chance to pop a simulated power station. The hacking events are popular with security types who compete to break into specially set-up systems to obtain flags and score points for feats of exploits, cracking, and pivoting. Kaspersky Labs will …
Darren Pauli, 08 Sep 2016

Ten-year-old Windows Media Player hack is the new black, again

Net scum are still finding ways to take down users with a decade-old Windows Media Player attack. The vector is a reborn social engineering hatchet job not seen in years in which attackers convince users to run executable content through Windows Media Player's Digital Rights Management (DRM) functionality. Windows Media …
Darren Pauli, 08 Sep 2016

Mr Chow plates up sticky ransomware

Popular Chinese food chain "Mr Chow's" has been caught plating up ransomware from its website. The fine dining restaurant chain boasts sites in London and across the US and was hacked by attackers injecting the pseudo Darkleech malicious scripts to redirect users. Victims were served a malware money bag through the Neutrino …
Darren Pauli, 07 Sep 2016

Flash: Still exploit kits’ MVP

Adobe Flash is the software most widely abused by exploit kits. Security intelligence firm Digital Shadows found that 27 of the 76 identified vulnerabilities abused by exploit kits targeted Adobe Flash. The figures are based on an analysis of software bugs abused by the top 22 exploit kits. Exploit kits are widely used by …
John Leyden, 06 Sep 2016

UK Parliament's back for Snoopers' Charter. Former head of GCHQ talks to El Reg

IPBill The UK Parliament has returned from recess for a fortnight ahead of the conference season. That's just long enough to squeeze in the House of Lords’ committee stage examination of the Investigatory Powers Bill, which resumes this afternoon. The upper chamber had been waiting for the publication of a review of the bill’s bulk …

Sundown exploit kit authors champions of copy-paste hacking

Authors of the Sundown exploit kit have proven themselves masters of copy and paste, stealing exploits from rivals and borking encryption when they opt for originality. Exploit kits offer an arsenal of attacks to the unscrupulous and are popular because they offer many means to point malicious payloads at victim machines. …
Darren Pauli, 05 Sep 2016

Extra Bacon? Yes please, even though the Cisco bug of this name is bad for you

Tens of thousands of Cisco ASA firewalls are vulnerable to an authentication bypass exploit thought to have been cooked up by the United States National Security Agency (NSA). The "Extra Bacon" exploit was one of many found as part of an Equation Group cache leaked by a hacking outfit calling itself the Shadow Brokers. …
Darren Pauli, 05 Sep 2016

Angler's obituary: Super exploit kit was the work of Russia's Lurk group

Ruslan Stoyanov was right: what could be history's most advanced financially-driven malware was the progeny of some 50 jailed hackers known as the Lurk group. It is a finding that solves the mysterious demise of the world's most capable exploit kit and one of the biggest threats to end users on the internet. Kaspersky's head …
Darren Pauli, 31 Aug 2016

Muddying the waters of infosec: Cyber upstart, investors short medical biz – then reveal bugs

Analysis A team of security researchers tipped off an investment firm about alleged software vulnerabilities in life-preserving medical equipment in order to profit from the fallout. Researchers at MedSec Holdings, a cybersecurity startup in Miami, Florida, believed they found numerous holes in pacemakers and defibrillators …
Iain Thomson, 26 Aug 2016

Update your iPhones, iPads right now – govt spy tools exploit vulns

Apple has pushed out an emergency security update for iPhones, iPads and iPods after super sophisticated spyware was found exploiting three iOS vulnerabilities. The iOS 9.3.5 upgrade plugs three holes that, according to researchers, are being used right now by the Pegasus surveillance kit – a powerful commercial malware …
Shaun Nichols, 25 Aug 2016

Major update drops for popular Pwntools penetration showbag

The third version of the Pwntools exploit showbag has been released, sporting new Android p0wnage functions and a host of additional modules. The Python development library is the brainchild of the Gallopsled CTF team, which wrote the toolset to help fellow security types build faster exploits for penetration testing and …
Darren Pauli, 24 Aug 2016

Equation Group exploit hits newer Cisco ASA, Juniper Netscreen

Hungary-based security consultancy SilentSignal has ported a public exploit to newer models of Cisco's Adaptive Security Appliance (ASA). The firm expanded the attack range of the ExtraBacon Cisco hack hole revealed as part of the Shadow Brokers cache of National Security Agency-linked exploits and tools. The exploit was …
Darren Pauli, 24 Aug 2016

'NSA' hack okshun woz writ by Inglish speeker trieing to hyde

The perpetrator behind the dumping of tools penned by the probably-the-NSA hacking squad called "Equation Group" appears to be a native English speaker, according to linguistic data researcher Shlomo Argamon. Earlier this month some 300 files were circulated online purporting to be stolen from the Equation Group, which is …
Darren Pauli, 23 Aug 2016

Software-defined networking is dangerously sniffable

Software-defined networking (SDN) controllers respond to network conditions by pushing new flow rules to switches. And that, say Italian researchers, creates an unexpected security problem. The researchers were able to persuade their SDN environment to leak information that sysadmins probably don't want out in public, …

Software exploits overrated - it's the humans you need to be watching

Video Weak passwords and phishing offer far easier mechanisms for breaking into most organizations than exploiting software vulnerabilities. A study by US cybersecurity firm Praetorian based on 100 penetration tests and 450 real-world attacks discovered that stolen credentials offer the best way into enterprise networks. Software …
John Leyden, 22 Aug 2016

Snowden files confirm Shadow Brokers spilled NSA's Equation Group spy tools over the web

Documents from the Edward Snowden archive prove that the malware and exploits dumped on the public internet on Monday originated from the NSA. Among the files leaked by whistleblower Snowden in 2013 is a draft NSA manual on how to redirect people's web browsers using a man-in-the-middle tool called SECONDDATE. This piece of …
Iain Thomson, 19 Aug 2016

Polish developer hacks Android rewards app for free beer

A cunning Polish developer has hacked an Android food and drink rewards app to grant himself unlimited free beer. Kuba Gretzky detailed his excellent exploits in a blog post on Breakdev – though, to deter copycats, he didn't name the rewards app or the precise location within Poland where it was operating. He did, however, …
Gareth Corfield, 19 Aug 2016

Snowden says Russia ‘probably responsible’ for NSA hack

NSA whistleblower Edward Snowden reckons Russia is the most likely suspect behind the leak of advanced hacking tools allegedly stolen from an elite NSA hacking unit. He postulates a complex motive for the leak involving gaining diplomatic leverage that wouldn’t look out of place in a modern retelling of a John le Carré novel. …
John Leyden, 18 Aug 2016

Cisco confirms two of the Shadow Brokers' 'NSA' vulns are real

It's looking increasingly likely that the hacking tools put up for auction by the Shadow Brokers group are real – after Cisco confirmed two exploits in the leaked archive are legit. The two exploits, listed in the archive directory as EPICBANANA and EXTRABACON, can be used to achieve remote code execution on Cisco firewall …
Iain Thomson, 17 Aug 2016

#Shadowbrokers hack could be Russia's DNC counter-threat to NSA

One of the most interesting hacks in recent memory is almost certain to be a compromise of infrastructure operated by an ultra-elite hacking group thought to be the United States' National Security Agency. The breach involves the public release of more than 300 files that showcase a host of exploits against companies including …
Darren Pauli, 17 Aug 2016

Demise of Angler, the world's worst exploit kit, still shrouded in mystery

The Angler exploit kit has all-but vanished and whoever knows why isn't talking. Angler was the most powerful and sought-after exploit kit on the market boasting rapid integration of new vulnerabilities that made it able to employ zero day attacks on Flash, Java, and Silverlight. It also employed a battery of complex …
Darren Pauli, 16 Aug 2016

Shadow Broker hacking group auctions off claimed NSA online spy tools

A group calling itself the Shadow Brokers has started an online auction for top-of-the-range tools it claims were stolen from the Equation Group, a digital attack squad linked to the NSA. The Shadow Brokers posted up news of the auction saying (in broken English) that they had been monitoring the Equation Group's servers, had …
Iain Thomson, 15 Aug 2016

$200,000 for a serious iOS bug? Pfft, we'll give you $500,000, says exploit broker Exodus

Last week Apple made its belated entrance into the bug bounty market, announcing a top award of $200,000 for major flaws in iOS, but Cook & Co have been comprehensively outbid. On Tuesday, exploit trading firm Exodus Intelligence said it is willing to pay $500,000 for a major flaw in iOS 9.3 and above – and the exploit to use …
Iain Thomson, 11 Aug 2016

Google says most users 'protected' against 'Quadrooter'

The Quadrooter vulnerabilities in Qualcomm-based Android phones can grant apps total control over devices – but Google reckons malicious code exploiting the flaws should hardly ever reach users. The Chocolate Factory reckons the Verify Apps feature in its Play Store was already blocking apps that tried to take advantage of …

Latest Androids have 'god mode' hack hole, thanks to Qualcomm

Four Qualcomm vulnerabilities grant malware writers total access to modern Android smartphones. Yes, yes, nine hundred meellion "potential" users, if you're counting. Attackers can write malicious apps that, when installed, exploit the software flaws to gain extra privileges on Android Marshmallow and earlier versions of …
Darren Pauli, 08 Aug 2016

How many zero-day vulns is Uncle Sam sitting on? Not as many as you think, apparently

DEF CON While some fear the US government is hoarding a vast pool of zero-day security vulnerabilities, the reality is that it probably holds just a few dozen, according to a study by Columbia University. In a presentation at the DEF CON hacking conference in Las Vegas today, Jason Healey, senior research scholar in the university's …
Iain Thomson, 05 Aug 2016

Firefox 'Electrolysis' reaches the one per cent

Mozilla has moved ahead with its cunning plan to split the browser window from the underlying content processing. First discussed in June, "Project Electrolysis" splits Firefox into a UI process and a content process. If it works, the change in architecture would keep tabs and menus operational even if someone's created the …

Hackers brew Intel chip defence kit to neuter budding exploits

Black Hat 2016 EndGame vulnerability researchers Cody Pierce, Matt Spisak, and Kenneth Fitch have created a defence framework to protect against deeper modern attacks. The security trio with roots in the HP Zero Day Initiative, the National Security Agency, and the Department of Defence, have extended a hardware defense tool already in use …
Darren Pauli, 02 Aug 2016

Odds are your office is ill-prepared for network-ransacking ransomware

Organizations are unprepared for future strains of more sophisticated ransomware, a report by Cisco warns. The networking giant's 2016 Midyear Cybersecurity Report concludes that the next wave of ransomware is expected to be more pervasive and resilient. While current strains typically infect a single computer, future …
John Leyden, 26 Jul 2016

PHP flaws allowed God mode access to top smut site

A trio of hackers have gained remote code execution powers on servers used by adult entertainment outlet Pornhub, using a complex hack that revealed twin zero-day flaws in PHP. Google software intern and security boffin Ruslan Habalov (@evonide) detailed the Return Orientated Programming hack in a detailed debriefing explaining …
Darren Pauli, 24 Jul 2016

Wavering about Apple's latest security fix? Don't, says Talos

Here's another reason to press “install” on Apple's latest OS X and iOS security patches: a slew of image-handling vulnerabilities. Now that Apple's released the patched versions, Cisco's Talos researchers have gone public with the details of their contribution to the fixes. The most serious of the bugs is in TIFF image …

Flaws found in security products from AVG, Symantec and McAfee

Updated Hundreds of security products may not be up to the job, researchers say, thanks to flawed uses of code hooking. The research is the handiwork of EnSilo duo Udi Yavo and Tommer Bitton, who disclosed the bugs in anti-virus and Windows security tools ahead of their presentation at the Black Hat Las Vegas conference next month. …
Darren Pauli, 20 Jul 2016

World-Check terror suspect DB hits the web at just US$6750

The World-Check database that lists "heightened risk individuals and organizations" is reportedly up for sale on the dark web. The database is a commercial product offered by Thomson Reuters, which bills it as a useful tool for those fighting money laundering, "organized crime, sanctions, Countering the Financing of Terrorism …
Darren Pauli, 19 Jul 2016

15-year-old security hole HTTPoxy returns to menace websites – it has a name, logo too

A dangerous, easy-to-exploit vulnerability discovered 15 years ago has reared its head again, leaving server-side website software potentially open to hijackers. The Apache Software Foundation, Red Hat, Nginx and others have rushed to warn programmers of the so-called httpoxy flaw, specifically: CVE-2016-5385 in PHP; CVE-2016- …
Darren Pauli, 18 Jul 2016

World's worst exploit kit weaponises white hats' proof of concept code

The new wearer of the crown for World's Worst Exploit Kit is compromising users with exploit code for a dangerous new attack published by a white hat researcher. Neutrino is the new king of for-profit p0wnage packages, a market in which criminals create tools to compromise scores of users through the latest vulnerabilities. …
Darren Pauli, 18 Jul 2016

White hat hacker AI bots prepare for DARPA's DEF CON cyber brawl

The research wing of the US military has picked the seven teams who will compete to build machine-learning software that can find and patch bugs automatically to fend off hackers. The DARPA Cyber Grand Challenge will be held at the DEF CON hacking conference next month. The agency has put up $2m in prize money in the unlikely …
Iain Thomson, 13 Jul 2016

Webpages, Word files, print servers menacing Windows PCs – yup, it's Patch Tuesday

Microsoft will fix critical holes in Internet Explorer, Edge, Office and Windows with this month's Patch Tuesday security bundle. Meanwhile, Adobe has patched dozens of exploitable vulnerabilities in its Flash player. Redmond's July release includes 11 sets of patches, six rated as "critical" and five classified as "important …
Shaun Nichols, 12 Jul 2016

Nasty session stealing hole filled in WordPress All in One SEO plugin

The developers have patched a hole in the popular All in One search engine optimisation WordPress plugin, a tool that's been downloaded by some 30 million users and is used on a million sites. Flaws exist in the Bot Blocker component which can be exploited to steal administrator tokens and conduct actions through cross-site …
Darren Pauli, 12 Jul 2016

Aussie researcher claims 'Antminer' bitcoin boxen can be broken

Australian security researcher Tim Noise says scores of popular Antminer Bitcoin mining devices could be commandeered. Noise demonstrated how a vulnerability in the configuration of the open source mining program CGminer running on an Antminer box can be abused to redirect the efforts of massive mining operations to fill an …
Darren Pauli, 12 Jul 2016

Google slammed over its 'free' school service

Two Swedish researchers have torn into Google's free school service, accusing the online giant of purposefully misleading users in order to continue profiting from the sale of children's data. Maria Lindh and Jan Nolin from the University of Borås have published a research paper [note: paid access] that digs into the policies …
Kieren McCarthy, 11 Jul 2016

EU cybersecurity directive will reach Britain, come what May

The passage of the EU Directive on the Security of Network and Information Systems (NIS) will have a profound effect on corporate security across Europe and even in Britain, despite the Brexit vote. The NIS Directive applies to organisations that provide elements of a country’s critical national infrastructure – i.e. operators …
John Leyden, 11 Jul 2016