Users complain that YouTube plays very long unskippable ads. Sometimes such ads are longer than the video the person is watching.
Your guide to NTLM relay, Part 2: Delivering relay attacks
NTLM relay attacks aren’t new to pentesters. In most cases, the main prerequisite for a successful relay attack isn’t a vulnerability, but an infrastructure misconfiguration; this is why such attacks are often used in real-life situations. This article discusses relay attacks and techniques used to deliver them…
Zyxel firewalls reboot due to flawed update
Zyxel warned its customers that a recent signature update may cause critical errors in USG FLEX and ATP series firewalls. As a result, devices go into infinite reboot loops.
Cisco patched a critical vulnerability in Meeting Management
Cisco released updates to fix a critical (CVSS score: 9.9) vulnerability in Meeting Management. The bug enables an unprivileged remote authenticated attacker to gain administrative privileges.
GPS spoofing: How to become a satellite
Each of us uses satellite navigation to get anywhere outside our backyard. But what if GPS, all of a sudden, stops working and cannot be used to determine your location anymore? This article presents an efficient technique enabling you to fool GPS.
18,000 script kiddies have been infected with backdoor via XWorm…
According to CloudSEK analysts, malefactors attack novice hackers using a fake malware builder. Script kiddies’ systems become infected with a backdoor that steals data and subsequently seizes control over their computers.
Your guide to NTLM relay: Hijacking NTLM authentication to deliver…
Why is NTLM authentication still present in many infrastructures? The correct answer is: because Windows cannot exist without it. But NTLM authentication is marred by a number of problems that can be exploited by attackers. One such problem is its vulnerability to relay attacks. This article…
Hundreds of websites impersonating Reddit and WeTransfer spread Lumma Stealer
Sekoia researcher crep1x discovered that hackers are currently using some 1,000 pages impersonating Reddit and WeTransfer. Victims visiting these sites are tricked into downloading the Lumma Stealer malware.
Fake Telegram CAPTCHA forces users to run malicious PowerShell scripts
Hackers used the news of Ross Ulbricht's pardon to lure users to a rogue Telegram channel where they are tricked into running malicious PowerShell code.
Hand-made cheat: Looking through walls and aiming automatically in a…
Today you will learn how to write a cheat for an online shooter. This cheat will implement such hacks as extrasensory perception (ESP) and aimbot. ESP displays player information above their heads (e.g. player’s health, name, or current weapon), while aimbot automatically…
Fake Homebrew Infects macOS and Linux Machines with infostealer
Attackers use Google ads to disguise themselves as the Homebrew website and distribute malware targeting Mac and Linux systems and stealing logon credentials, browser data, and cryptocurrency wallets.
Flaying three-headed sheep. How to dump Kerberos tickets in C++
Kerberos offers plenty of user authentication features. Its main ‘bricks’ are tickets; in the course of penetration testing, the attacker dumps such tickets from the LSASS process memory at least once. Today, I will explain how this operation can be performed without sophisticated hacker…
Goodbye Mimikatz! Inject tickets with your own hands
To implement a number of pass-the-ticket attacks, you have to inject a Kerberos ticket into the compromised system. Tools such as Mimikatz, Impacket, or Rubeus can be used for this purpose, but they are easily detected by antivirus software, which makes this approach ineffective. In this…
Privileger: Now you’re in control of privileges in Windows
In Windows, privileges play a key role: only the admin has the authority to grant special rights to users so that they can perform their tasks. This article discusses a software tool called Privileger: it enables you to search the system for accounts with certain…
Insecurity provider. How Windows leaks user passwords
In Windows, most security mechanisms are based on user account passwords. Today, you will learn several techniques making it possible to intercept a password at the time of user authentication and write code that automates this process.
Malformed ELFs. How to make executable Linux files debug-resistant
Plenty of anti-debugging techniques are available nowadays, but one of them stands out. Its main principle is not to detect a debugger, but to prevent the app from running in it. This article explains how such a goal can be achieved using parser differentials and fuzzing. You will…
YARA to the maximum. Learn to write effective YARA rules…
Sometimes, YARA is called the Swiss Army knife of virus analysts. This tool makes it possible to create a set of rules to detect malicious and potentially dangerous programs quickly and accurately. In this article, I will explain how to write perfect YARA rules so that its engine…
Cyberphone. Transforming an Android smartphone into a hacker tool
From a hacker’s perspective, a mobile phone is the handiest tool for computer attacks, especially for attacks that require semiphysical access and are delivered over a radio channel. In this article, I will explain how to transform an ordinary Android smartphone into a powerful hacker…
KARMAgeddon. Attacking client devices with Karma
Even if your client device isn’t connected to Wi-Fi, it still can be attacked. There is a special category of attacks called Karma that compromise client devices equipped with Wi-Fi modules. This article explains in simple terms how such attacks work.
Brute-force on-the-fly. Attacking wireless networks in a simple and effective…
Attacks on Wi-Fi are extremely diverse: your targets are both client devices and access points, which in turn can use various protocols and authentication methods. This article presents a simple but effective brute-forcing technique for wireless networks.