Since its rise Windows was a natural habitat for all kinds of malware. Now the OS itself seems to have become one big trojan. Right after being installed it starts acting weird. The data flows in rivers…
CONTINUE READING 🡒 Category: Security
How to use WSUS to get control over Windows
This was one of the most interesting attacks showed on Black Hat Las Vegas 2015. Let’s imagine the situation: there’s a large park of Windows computers in a large organization, and they all need to be updated.…
CONTINUE READING 🡒 0-day attacks using “keep-alive” connections
Most of today's servers support "keep-alive" connections. If the pages have a lot of media content, such connection will help to substantially speed up its download. But we will try to use "keep-alive" for far less obvious…
CONTINUE READING 🡒 7 non-trivial ways to hack your MySQL Database
MySQL is one of the most common database systems. Found everywhere, it is most likely to be used by numerous websites. Hence the reason why the security of this database is a very important issue. An attacker…
CONTINUE READING 🡒 TOP–10 ways to boost your privileges in Windows systems
The processes of privileges elevation in Windows and Linux are a bit different. Despite the fact that both systems has the same number of vulnerabilities, according to researchers it is more likely to see the fully patched…
CONTINUE READING 🡒 BDFProxy
I guess you have heard about Evilgrade framework that allows to “fix” the update mechanism of the most popular programs (Windows update, Apple update and so on and so forth) by replacing valid files with malicious ones.…
CONTINUE READING 🡒 A small injection for memcached
Memcached is a distributed caching system, which has become very popular in loaded Internet projects. And as you know, with the growth of product popularity, the interest in its safety is also increasing. Therefore, we will study…
CONTINUE READING 🡒 Let us see the Impact!
Bug Bounty—vulnerability reward programs for vendors—become more and more widespread. And sometimes, vulnerabilities search detects some evidently insecure areas (e.g., self-XSS) the threat of which is hard to prove. But the larger (or even the smarter) is…
CONTINUE READING 🡒 Reach the root! How to gain privileges in Linux?
In the previous article we have already reviewed several methods regarding the boosting of privileges to a system ones in terms of Windows. As it turned out, there are plenty of ways to do that and which…
CONTINUE READING 🡒 Let’s get rid of default settings!
When people prepare a server for their resource or set up some other software, they often leave most of the default options in configuration files unchanged. Then the project is provided with more and more functions, and…
CONTINUE READING 🡒 SharePoint Serving the Hacker
SharePoint is a corporate document storage system from Microsoft with CMS capabilities which is strongly bound to Active Directory. You can use Google to find general descriptions of its vulnerabilities but, given that the details of its…
CONTINUE READING 🡒 Pwn Plug R2
Instrumental bugs, radio interception — everyone's heard of these, right? The idea of introducing one's own device into a communication channel that carries important information is as old as the world. Such devices are well-known to everyone…
CONTINUE READING 🡒 Cryptography at gunpoint
Cryptography is perceived as a magic wand waving which one can protect any information system. However, surprisingly enough, cryptographic algorithms can be successfully attacked. All sophisticated cryptanalysis theories will be brought to naught if the smallest piece…
CONTINUE READING 🡒 The Bourne Identity
It is always stressed me out how Google AdSense palm me off with certain contextual advertising based on my previous searches. And it might seem that quite enough amount of time had passed and that all cachees…
CONTINUE READING 🡒 Apple forensic: advanced look onto Apple security
As of last July Apple sold over 800 million iOS devices. More than a half of them are various iPhone versions. With such number of devices in circulation it's not surprising at all that they often undergo…
CONTINUE READING 🡒 How to get sensitive data using social networks API?
Everybody knows that present-day social networks in fact are huge DBs containing a lot of interesting private information of the users. Why should you get by with the crumbs of information from index page when every network…
CONTINUE READING 🡒 Learning to detect shell codes for ARM platform
The ubiquitousness of ARM based devices means that malefactors find them more "yummy" for an attack. It's no surprise that shell codes for this platform have long become reality. In spite of the fact that the researchers…
CONTINUE READING 🡒 Root for HDD: expanding the HDD standard capabilities
HDD structure is surely known to everyone, to a certain extent. Basically, it consists of several platters which rotate with the speed of 15,000 rpm, position control device and control electronics module. All this is complemented by…
CONTINUE READING 🡒 Read and execute. Exploiting a new vulnerability in GitLab
In late March 2020, a bug was discovered in a popular web-based tool called GitLab. The error enables the attacker to advance from reading files in the system to executing arbitrary commands. The vulnerability was recognized critical because the attacker doesn’t need any special rights in the…
CONTINUE READING 🡒