According to Patchstack, world’s #1 WordPress vulnerability intelligence provider, 7,966 new vulnerabilities were identified in the WordPress ecosystem in 2024; most of these bugs affected plugins and themes.
CONTINUE READING 🡒 
Black Basta ransomware group developed its own automated brute-forcing framework
According to EclecticIQ, Black Basta Ransomware-as-a-Service (RaaS) group has developed its own automated brute-forcing framework dubbed BRUTED. It’s used to hack edge network devices (e.g. firewalls and VPN).
CONTINUE READING 🡒 
ADS-B Spoofing
Modern aircraft continuously transmit telemetry to each other using the ADS-B protocol. In this article, I will explain how to create your own imaginary plane and demonstrate how data transmission works. Important: all actions described below will be performed in strict compliance with the respective…
CONTINUE READING 🡒 
Researchers force DeepSeek to write malware
According to Tenable, the AI chatbot DeepSeek R1 from China can be used to write malware (e.g. keyloggers and ransomware).
CONTINUE READING 🡒 
JavaScript al dente. Fuzzing JS engines with Fuzzilli
Hey guys! Today, pasta is on the menu! You will learn how to identify vulnerabilities in JavaScript engines using the Fuzzilli fuzzer. After a brief theoretical introduction, you’ll jump directly to practice. Let’s assemble the required tools and start fuzzing.
CONTINUE READING 🡒 
Mass exploitation of PHP-CGI vulnerability in attacks targeting Japanese companies
GreyNoise and Cisco Talos experts warn that hackers are actively exploiting CVE-2024-4577, a critical PHP-CGI vulnerability that was discovered and fixed in early June 2024.
CONTINUE READING 🡒 
PACS from a hacker’s perspective. Attacks on RFID-based physical access…
Hacking electronic turnstiles installed at building entrances is a popular trick shown in many movies. This article discusses RFID-based physical access control systems (PACS) and demonstrates how easily the most commonly used identifier, EM4100, can be faked.
CONTINUE READING 🡒 
Nearly a million Windows computers impacted by a malvertising campaign
According to Microsoft, nearly 1 million Windows devices fell victim to a sophisticated malvertising campaign in recent months. Cybercriminals were able to steal credentials, cryptocurrency, and sensitive information from infected workstations.
CONTINUE READING 🡒 
YouTube warns of scam video featuring its CEO
According to YouTube, scammers use an AI-generated video of the company’s CEO in phishing attacks to steal user credentials.
CONTINUE READING 🡒 
Battle dolphin. My achievements with Flipper Zero inside of a…
Flipper Zero, a hacker multitool created by Russian developers, has become quite famous by now. At the beginning of 2021, the project raised almost 5 million USD on Kickstarter, and the community keenly followed production-related twists and turns and subsequent difficulties with its distribution…
CONTINUE READING 🡒 
Polish Space Agency disconnects its network due to hacker attack
Last weekend, the Polish Space Agency (POLSA) had to disconnect all of its systems from the Internet to localize an attack targeting its IT infrastructure.
CONTINUE READING 🡒 
Gain sight of a remote network! Reconstructing the connection diagram…
To comprehend operating principles and functions of network protocols, you have to understand their structure. The purpose of this study was to analyze a small portion of network traffic and reconstruct the network diagram based on the data extracted from it.
CONTINUE READING 🡒 
Virtual magic. Emulation and virtualization technologies in pivoting
When you conduct pentesting audits, you rarely enjoy such luxury as admin privileges or root rights. Quite the opposite, in most situations you have to deal with antiviruses and firewalls that make it almost impossible to deliver an attack. Fortunately, emulation and virtualization magic comes…
CONTINUE READING 🡒 
Qualcomm extends support for Android devices to 8 years
Qualcomm Technologies announced its collaboration with Google with the purpose to provide extended support for OEM devices running on company’s flagship chipsets. This partnership will enable vendors to release software and security updates for their devices for up to eight years.
CONTINUE READING 🡒 
Blinding Sysmon: How to disable Windows monitoring in a covert…
Immediately after getting access to the target system, the attacker tries to blind its audit tools to remain undetected as long as possible. In this article, I will explain how to blind Sysmon in a covert way making it possible to fool the regular Windows audit.…
CONTINUE READING 🡒 
More than 100,000 users downloaded SpyLend malware from Google Play…
According to Cyfirma, a malicious Android app called SpyLend was available on the official Google Play Store for some time and has been downloaded from there more than 100,000 times. The malware known as SpyLoan (i.e. predatory loan app) was disguised as…
CONTINUE READING 🡒 
ADS-B guide
Wherever you are, aircraft frequently pass overhead; sometimes several ones in a few minutes. Services like Flightradar24 provide precise real-time information about these flights using data received over the ADS-B protocol. You can also receive and decode such data; just…
CONTINUE READING 🡒 
New JavaScript obfuscation technique uses invisible Unicode characters
According to Juniper Threat Labs , a new JavaScript obfuscation technique that uses invisible Unicode characters was used in a phishing attack targeting Political Action Committee (PAC) affiliates.
CONTINUE READING 🡒 
Microsoft fixes vulnerability in Power Pages exploited by cybercriminals
Microsoft patched a severe privilege escalation vulnerability in Power Pages used by hackers as a 0-day.
CONTINUE READING 🡒 
Newly-discovered vulnerabilities in OpenSSH open the door to MiTM and…
OpenSSH fixed two vulnerabilities that could result in MiTM and denial of service (DoS) attacks. Interestingly, one of these bugs appeared in the code more than 10 years ago.
CONTINUE READING 🡒