DDos

/Tag:DDos

Week 51 In Review – 2016

Events Related DefCamp- def.campResources McAfee Virus Scan for Linux - state.actor A system running Intel's McAfee VirusScan Enterprise for Linux can be compromised by remote attackers due to a number of security vulnerabilities. Some of these vulnerabilities can be chained together to allow remote code execution as root. Techniques Practical Reverse Engineering Part 5 - Digging Through the Firmware - jcjc-dev.com In part 4 we extracted the entire firmware from the router and decompressed it. As I explained then, you can often get most of the firmware directly from the manufacturer’s website: Firmware upgrade binaries often contain partial or entire filesystems, or even entire firmwares. XNU kernel UaF due to lack of locking in set_dp_control_port - bugs.chromium.org set_dp_control_port is a MIG method on the host_priv_port so this bug is a root->kernel escalation. macOS FileVault2 Password Retrieval - blog.frizk.net macOS FileVault2 let attackers with physical access retrieve the password in clear text by plugging in a $300 Thunderbolt device into a locked or sleeping mac. The password may be used to unlock the mac to access everything on it. Vulnerabilities Bluetooth-enabled safe lock popped after attackers win PINs - theregister.co.uk Attackers can locate and pop safes protected with high security commercial locks thanks to poor Bluetooth implementations, say researchers at Somerset Recon say. 0day drive-by exploit against Fedora If you run a mainstream distribution of Linux on a desktop computer, there's a good chance security researcher Chris Evans can hijack it when you do nothing more than open or even browse a specially crafted music file. And in the event you're running Chrome on the just-released Fedora 25, his code-execution attack works as a classic drive-by. 0-days hitting Fedora and Ubuntu open desktops to a world of hurt - arstechnica.com Redux: compromising Linux using... SNES Ricoh 5A22 processor opcodes?!- scarybeastsecurity.blogspot.com Other News  FBI Arrests Customer of Xtreme Stresser DDoS-for-Hire Service - bleepingcomputer.com The FBI arrested this past week Sean Krishanmakoto Sharma, 26, from La Canada, California, for launching DDoS attacks against Chatango, an online chat service.  

Week 43 In Review – 2016

Events Related Hack.lu I’m back to Luxembourg for a new edition of hack.lu. In fact, I arrived yesterday afternoon to attend the MISP summit. It was a good opportunity to meet MISP users and to get fresh news about the project. Hack.lu 2016 Wrap-Up Day #1 - blog.rootshell.be Hack.lu 2016 Wrap-Up Day #2 - blog.rootshell.be Hack.lu 2016 [...]

Week 13 in Review – 2013

Event Related Blackhat Europe 2013 Arsenal Tools Event Wrap-up - toolswatch.org I finally found time to write a wrap-up about the activities of the Arsenal Tools Event during the last session of Blackhat Amsterdam Europe 2013. IPv6 Focus Month: IPv6 over IPv4 Preference - isc.sans.edu Initially, most IPv6 deployments will be "Dual Stack". In this [...]