Articles about exploits

broker

Shadow Brokers hike prices for stolen NSA exploits, threaten to out ex-Uncle Sam hacker

The Shadow Brokers is once again trying to sell yet more stolen NSA cyber-weapons, raising the asking price in the process. And the gang has threatened to out one of the US spy agency's ex-operatives that it claims hacked Chinese targets. In the now-traditional broken English statement, the smug miscreants said they had so …
Iain Thomson, 29 Jun 2017
Central Intelligence Agency

That CIA exploit list in full: The good, the bad, and the very ugly

We're still going through the 8,761 CIA documents published on Tuesday by WikiLeaks for political mischief, although here are some of the highlights. First, though, a few general points: one, there's very little here that should shock you. The CIA is a spying organization, after all, and, yes, it spies on people. Two, unlike …
Iain Thomson, 8 Mar 2017

Spies do spying, part 97: Shock horror as CIA turn phones, TVs, computers into surveillance bugs

WikiLeaks has dumped online what appears to be a trove of CIA documents outlining the American murder-snoops' ability to spy on people. The leaked files describe security exploits used to compromise vulnerable Android handhelds, Apple iPhones, Samsung TVs, Windows PCs, Macs, and other devices, to read messages, listen in via …
John Leyden, 7 Mar 2017
Image by robodread http://www.shutterstock.com/gallery-529180p1.html

Popular hacker warkit Metasploit now hacks hardware and cars

Popular offensive hacking toolkit Metasploit now works on hardware, including cars, after a major update to the 13-year old platform. The free-or-paid modular hacking machine now sports plenty of CVE-specific exploitation components that security professionals have long-used for penetration tests and research. An update to …
Darren Pauli, 3 Feb 2017
RomanYa http://www.shutterstock.com/gallery-1222298p1.html

WordPress fixed god-mode zero day without disclosing the problem

Last week's WordPress patch run fixed a then-secret zero day bug that let remote unauthorised hackers edit or delete WordPress pages. The remote privilege escalation and content injection hole hits Wordpress versions 4.7 and 4.7.1 and allows all pages on unpatched sites to be modified, redirecting visitors to exploits and a …
Darren Pauli, 2 Feb 2017
Army of Darkness. Universal Pictures.

Bookish hacker finds holes in Amazon, Apple, Google epub services

Bug hunter Craig Arendt has reported vulnerabilities in major eBook readers including those from Apple, Google, and Amazon. The similar but separate XML external entity (XXE) flaws also impact all online epub ebook services that use the popular epubcheck library that ensures good format conversions into the universal epub book …
Darren Pauli, 27 Jan 2017

Uber pays hacker US$9,000 for partner firm's bug

Russian penetration tester Vladimir Ivanov has reported a bug in anti-ransomware backup service Code42 that could have seen attackers pilfer data from the likes of Uber, Lockheed Martin, and Adobe. Ivanov, of SCADA hack house Positive Technologies, reported the since-patched XML external entity vulnerability to Uber, which …
Darren Pauli, 27 Jan 2017
Composite image. Image by Syda Productions https://www.shutterstock.com/g/Syda+Productions

Boffins break Samsung Galaxies with one SMS carrying WAP crap

A single TXT message is enough to cause Samsung S5 and S4 handsets to return to factory settings, likely wiping users' data along the way. And because the attack exploits Android's innards, other vendors' handsets are at risk. The vulnerabilities, thankfully patched by Samsung, means attackers can send WAP configuration …
Darren Pauli, 25 Jan 2017
Image by Sergey Nivens http://www.shutterstock.com/gallery-461077p1.html

Kid hackers break XSS defences, find hack hole in 2 million websites

Hackers Karim Rahal and Ibram Marzouk have found multiple cross-site scripting vulnerabilities in the HTML Comment Box that opened avenues to compromise visitors to some used by some 2 million websites. Rahal (@KarimPwnz) and Marzouk (@0xibram), both 14 year-old students based in Lebanon, reported the flaws through Detectify's …
Team Register, 24 Jan 2017
1980 olympics weight-lifting champs. By RIA Novosti archive, image #484445 / Dmitryi Donskoy / CC-BY-SA 3.0

Windows 10 Anniversary Update crushed exploits without need of patches

Microsoft says its Windows 10 Anniversary Update squashes more exploit delivery chains than ever. The August updates brought in a series of operating system security improvements including boosts to Windows Defender and use of AppContainer, designed to raise the difficulty of having zero day exploits execute on patched systems …
Darren Pauli, 16 Jan 2017
Venomous snake

Sundown exploit kit weaves Edge hack hole

Authors of the Sundown exploit kit have integrated a since patched and limited Microsoft Edge vulnerability from a security firm's public proof-of-concept. The addition of the twin bugs (CVE-2016-7200 and CVE-2016-7201) means unpactched users of one of the world's most unpopular web browsers are likely to be targeted by a wide …
Darren Pauli, 11 Jan 2017
band_aid_patching_648

EMC slings patch at remote hack nonce-nse

Remote attackers can hose EMC hybrid flash storage thanks to cryptographic weaknesses. The patched vulnerability (CVE-2016-0917) affects EMC's VNX1, VNX2 and VNXe systems, including the end-of-life Celerra which will not receive a fix. EMC researchers wrote in a security notice that remote attackers could access the SMB …
Team Register, 11 Jan 2017
android logo

Google caps punch-yourself-in-the-face malicious charger hack

Google has capped a dangerous but somewhat obscure boot mode vulnerability that allowed infected PCs and chargers to put top end Nexus phones into denial of service states. IBM reported the flaw (CVE-2016-8467) which allows infected computers and malicious power chargers to compromise Nexus 6 and 6p phones. Google badged the …
Darren Pauli, 9 Jan 2017
Image by GTS http://www.shutterstock.com/gallery-519838p1.html

Netgear unveils world's easiest bug bounty

Netgear has broken ranks from the consumer router security shame factory to offer a bug bounty sporting extra rewards for chained exploits. Hoping to shake the SOHOpeless tag, the vendor will hand out up to US$15,000 for hackers reporting global remote unauthorised access from the internet to Netgear devices, and unauthorised …
Darren Pauli, 6 Jan 2017
Workers loading mail sacks onto Mail Rail 1935 photo The Postal Museum and Mail Rail

Hate 'contact us' forms? This PHPmailer zero day will drop shell in sender

Websites using PHPMailer for forms are at risk from a critical-rated remote code execution zero day bug. Legal Hackers researcher Dawid Golunski found the vulnerability (CVE-2016-10074) in the much-used library, found in the world's most popular content management systems and addons. The bug also affects the Zend Mailer and …
Darren Pauli, 3 Jan 2017
Image by Danomyte http://www.shutterstock.com/gallery-256714p1.html

P0wnographer finds remote code exec bug in McAfee enterprise

McAfee has taken six months to patch 10 critical vulnerabilities in its VirusScan Enterprise Linux client. And these were nasty bugs as when chained they resulted remote code execution as root. Andrew Fasano, security researcher with MIT Lincoln Laboratory, says attackers can chain the flaws to compromise McAfee Linux clients …
Darren Pauli, 13 Dec 2016
Image by infografick https://www.shutterstock.com/g/infografick

Need Xmas ideas? Try CVE-2015-7645, a Flash gift that keeps on giving

A Flash vulnerability subject to emergency patching by Adobe has been used in all major exploit kits to compromise users not already updated. The vulnerability (CVE-2015-7645) patched in October last year was the first zero day since Adobe implemented more hardened security. It was also the most pervasive among the …
Darren Pauli, 8 Dec 2016
Pic: Shutterstock

Drive-by web nasty unmasks Tor Browser users, Mozilla dashes to patch zero-day vuln

Updated Mozilla is scrambling to patch a vulnerability in Firefox that is apparently being exploited in the wild to unmask Tor Browser users. Earlier today, a small package of SVG, JavaScript and x86 code popped up on a Tor mailing list that, when opened by Firefox or Tor Browser on a Windows PC, phones home to a remote server and …
Darren Pauli, 30 Nov 2016

Create a news alert about exploits, or find more stories about exploits.

Biting the hand that feeds IT © 1998–2017