Jump to content

Search the Community

Showing results for tags 'attack'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

  1. SPOILER is the newest speculative attack affecting Intel's micro-architecture. Researchers out of the Worcester Polytechnic Institute and University of Lubeck discovered this new speculative attack dubbed SPOILER, Speculative Load Hazards Boost Rowhammer and Cache Attacks. Intel was notified of this issue a few months ago but no software/hardware fix appears ready yet, while the researchers claim there might not be an effective software solution available at least anytime soon -- and any mitigation would likely come at a performance cost, as we've seen with Spectre and Meltdown over the
  2. A complete guide to SQL Injection in which you will design your own lab and learn to attack it. Pentesting + Hacking + SQLI Page: SQL Injection Master Course Price: €337
  3. Symantec Hackers utilizing the Triton malware have managed to close down industrial operations in the Middle East, researchers have warned. On Thursday, cybersecurity researchers from FireEye's Mandiant revealed that threat actors deployed malware capable of manipulating emergency shutdown systems at a critical infrastructure firm in the Middle East. The new form of malware, dubbed Triton, is one of only a handful of malware families known to have been developed for the purpose of attacking industrial processes and core infrastructure we all rely upon for supplies
  4. Security researchers are warning of a new, easy-to-exploit email trick that could allow an attacker to turn a seemingly benign email into a malicious one after it has already been delivered to your email inbox. Dubbed Ropemaker (stands for Remotely Originated Post-delivery Email Manipulation Attacks Keeping Email Risky), the trick was uncovered by Francisco Ribeiro, the researcher at email and cloud security firm Mimecast. A successful exploitation of the Ropemaker attack could allow an attacker to remotely modify the content of an email sent by the attacker itself, for examp
  5. o Sensepost Footprint Tools o Big Brother o BiLE Suite o Alchemy Network Tool o Advanced Administrative Tool o My IP Suite o Wikto Footprinting Tool o Whois Lookup o Whois o SmartWhois o ActiveWhois o LanWhois o CountryWhois o WhereIsIP o Ip2country o CallerIP o Web Data Extractor Tool o Online Whois Tools o What is MyIP o DNS Enumerator o SpiderFoot o Nslookup o Extract DNS Information • Types of DNS Records • Necrosoft Advanced DIG o Expired Domains o DomainKing o Domain Name Analyzer
  6. Cache Poisoning using DNS Transaction ID Prediction Example of a Cache Poisoning Attack on a DNS Server DNS Vulnerabilities in Shared Host Environments Example DNS Flooding – Creating a DNS Denial of Service Attack DNS Man in the Middle Attacks DNS Hijacking https://u.nya.is/ffkswv.pdf Sper să vă fie de folos. Recomandat de a se utiliza împreună cu o
  7. Hello After Collecting Best Of Denial Of Service Attack Tools, I decided To Share Them With You So, I Already Scanned All Tools And Removed Backdored one This Is A list Of Tools : - Anonymous Doser - Hoic - Hulk - Loic - SlowLoris - Unknow Doser - XOIC This is A picture : Now For The Download Link:* ddos attack tools
  8. Exploit Kits: Past, Present and Future March 16, 2015 View research paper: The Evolution of Exploit Kits Exploit kits are a fast-growing online threat that cybercriminals seem to have favored in the last few years to execute Web-based attacks to distribute malware. Exploit kits are old tools released by Russian programmers dating back to 2006. As seen in the diagram below, exploit kits have continuously grown in numbers from 2006 to 2013. The market seemingly changed and took a significant dip however in 2014. The rise of exploit kits in underground markets push exploit kit developers to impr
  9. Americans’ garages, those sacred suburban havens of automobiles and expensive tools, are probably more important to us than many of our online accounts. But some garages are only protected by a code whose security is equivalent to a two-character password. And security researcher Samy Kamkar can crack that laughable safeguard in seconds, with little more than a hacked child’s toy. On Thursday, Kamkar revealed a new tool he’s created called OpenSesame, which he says can open any garage door that uses an insecure “fixed code” system for its wireless communication with a remote. Built from a disc
  10. Hackers have managed to make a huge video billboard in Atlanta display an obscene image favoured by internet pranksters. It prompted calls to police, and soon after, the billboard's owner cut off its power supply. The hack came after a security researcher warned the company, which runs thousands of the video billboards, that they were vulnerable to attack. The FBI and Homeland Security are now investigating the hack. The attackers are believed to have been able to take over the billboard because it used an easy-to-guess password on its net-connected remote administration system. The billboard
  11. SPEAR - Redirect to SMB April 13, 2015 By Brian Wallace We’ve uncovered a new technique for stealing sensitive login credentials from any Windows PC, tablet or server, including ones running previews of the yet-to-be-released Windows 10 operating system. Software from at least 31 companies including Adobe, Apple, Box, Microsoft, Oracle and Symantec can be exploited using this vulnerability, which we have dubbed Redirect to SMB. Carnegie Mellon University CERT disclosed the vulnerability to the public today (#VU672268), following six weeks of working with vendors to help them mitigate the issu
  12. The United States expressed concern Friday over reports China has used a powerful censorship tool dubbed “Great Cannon” to attack websites around the world. Researchers reported in April that the “Great Cannon” is an online attack system used to hijack web traffic and enforce the country’s broad censorship of information online. The system was used to shut down websites aimed at helping Chinese bypass the country’s extensive online restrictions known as the “Great Firewall,” experts said. “We are concerned by reports that China has used a new cyber capability to interfere with the ability of w
  13. Introduction: Spear phishing attacks Spear phishing and its evolutions like the watering hole attack represent one of the most insidious attack techniques adopted by the majority of threat actors in cyber space. According to the experts at Trend Micro security firm, spear phishing is the attack method used in some 91 percent of cyber attacks. Differently from a common phishing attack, in the spear phishing attack scenario bad actors target a subset of people, usually the employees of an organization, members of an association or visitors of a particular website. The purpose of the attack is to
  14. A Quantum Insert Attack is a classic example of man-in-the-middle attacks which resurfaced into news among the top 10 biggest leaks by WikiLeaks founder Edward Snowden. The NSA and Britain’s GCHQ intelligence services allegedly used it against OPEC and Belgacom successfully for their benefit. In short – Quantum is a code name for the servers which are strategically placed by NSA and GCHQ that can respond faster to a request than the intended recipient. The attacker would need monitoring capabilities to successfully attack the victim. Once the quantum servers win the race condition against the
  15. Researchers at Malwarebytes have identified an attack campaign believed to be exploiting a vulnerability in a WordPress plugin. During the past few days, Malwarebytes detected multiple WordPress sites injected with a malicious iframe. The iframe redirects victims to a phony version of The Pirate Bay site. Once there, victims are served the Nuclear exploit kit via a drive-by download attack. "This exploit kit targets most browser plugins but it focuses in particular on the Flash Player which was affected by no less than three zero days in the span of a month," said Jerome Segura, senior securit
  16. The noose around the neck of the Internet's most widely used encryption scheme got a little tighter this month with the disclosure of two new attacks that can retrieve passwords, credit card numbers and other sensitive data from some transmissions protected by secure sockets layer and transport layer security protocols. Both attacks work against the RC4 stream cipher, which is estimated to encrypt about 30 percent of today's TLS traffic. Cryptographers have long known that some of the pseudo-random bytes RC4 uses to encode messages were predictable, but it wasn't until 2013 that researchers de
  17. When heat from one computer is emitted and detected by an adjacent computer, a channel can be opened that researchers are claiming can facilitate the spread of keys, passwords and even malware. According to researchers from the Cyber Security Research Center at Ben Gurion University in Israel, the bridge, something they’ve dubbed BitWhisper, can allow for communication between the two air-gapped machines. Researchers Mordechai Guri and Matan Munitz discovered the method and were overseen by Yuval Elovici, a professor at the school’s Department of Information Systems Engineering. The three plan
  18. Hackers are targeting a number of European businesses and organisations with a spear phishing campaign with the colourful codename Operation Woolen Goldfish. Trend Micro researchers reported uncovering the campaign in an Operation Woolen-Goldfish: When Kittens Go Phishing white paper, warning the attacks are likely a follow-up to the "Rocket Kitten" campaign discovered in December 2014. "In February 2015, the Trend Micro Smart Protection Network received an alert from Europe that triggered several targeted attack indicators related to a specific malware family, prompting our threat defence exp
  19. In one of more impressive hacks in recent memory, researchers have devised an attack that exploits physical weaknesses in certain types of DDR memory chips to elevate the system rights of untrusted users of Intel-compatible PCs running Linux. The technique, outlined in a blog post published Monday by Google's Project Zero security initiative, works by reversing individual bits of data stored in DDR3 chip modules known as DIMMs. Last year, scientists proved that such "bit flipping" could be accomplished by repeatedly accessing small regions of memory, a feat that—like a magician who transforms
  20. Radware, a provider of application delivery DDoS attack protection solutions, this week unveiled its latest attack mitigation platform designed to help carriers and cloud providers protect against high volume DDoS attacks. According to Radware, its new attack mitigation platform provides up to 300Gbps of mitigation capacity and can help protect against volumetric DDoS attacks such as UDP reflection attacks, fragmented and out-of-state floods. Radware’s DefensePro x4420 has the ability to handle 230 million packets per second of attack traffic and was designed for multi-tenant environments with
  21. Greyscale pics are a great place to hide malcode Hackers can duck antivirus programs and execute malware in Adobe Reader by using greyscale images, says Danish security boffin Dénes Óvári. Lossy compression is thought to be susceptible to the DCTDecode filter, which should nuke malware woven into images and blunt this form of attack. However new intelligence published in the paper Script in a Lossy Stream (PDF) shows bad guys and penetration testers can use the filter within PDF documents to hide malcode using JPEG images that are set to greyscale to avoid distortion. This process gives antiv
  22. Pharming attacks are generally network-based intrusions where the ultimate goal is to redirect a victim’s web traffic to a hacker-controlled webserver, generally through a malicious modification of DNS settings. Some of these attacks, however, are starting to move to the web and have their beginnings with a spam or phishing email. Researchers at Kaspersky Lab have been watching this trend for some time, reporting in September on a particular campaign in Brazil targeting home routers using a combination of drive-by downloads and social engineering to steal banking and other credentials to sensi
  23. Hackers have targeted Lenovo with a website defacement attack believed to be intended to ‘punish' the firm for its use of the Superfish adware. The attack occurred on Wednesday and forced Lenovo.com to display a slideshow of images while playing Breaking Free from High School Musical. A Lenovo spokesperson told V3 that the firm is taking action to improve the site's security and "investigating other aspects of the attack". "Unfortunately, Lenovo has been the victim of a cyber attack. One effect of this was to redirect traffic from the Lenovo website. We are also actively investigating other as
  24. Table of contents 1. What is the Equation group?..........................................................................3 2. Why do you call them the “Equation” group?................................................3 3. What attack tools and malware does the*Equation group use? ..................4 4. What is DOUBLEFANTASY?.............................................................................6 5. What is EQUATIONDRUG? ..............................................................................8 6. What is GRAYFISH?......................................................................
  25. This week's headlines have been security heavy thanks to the influx of news coming from Kaspersky's Security Analyst Summit. We've seen Kaspersky report everything from a $1bn cyber bank heist operation, to potentially NSA-sponsored and Middle Eastern advanced persistent threats. Specifically we saw threat research papers on the Carbanak, Equation and Desert Falcons attack campaigns. Carbanak is a banking-focused cyber operation that is believed to have stolen $1bn from 100 banks in more than 30 regions using specialist attack tools. Equation is a dangerous hack campaign, believed to have stem
×
×
  • Create New...