rpcbomb: remote rpcbind denial-of-service + patches

This vulnerability allows an attacker to allocate any amount of bytes (up to 4 gigabytes per attack) on a remote rpcbind host, and the memory is never freed unless the process crashes or the administrator halts or restarts the rpcbind service. Attacking a system is trivial; a single attack consists of sending a specially crafted Read more about rpcbomb: remote rpcbind denial-of-service + patches[…]

FYI: You can blow Intel-powered broadband modems off the ‘net with a ‘trivial’ packet stream

This week, inquisitive netizens discovered that, when presented with even modest amounts of network packets – as little as 1.5Mbps spread across various TCP or UDP ports – modems equipped with a Puma 6 slow to an unusable crawl. According to one engineer who spoke to El Reg on the issue, the flaw would be Read more about FYI: You can blow Intel-powered broadband modems off the ‘net with a ‘trivial’ packet stream[…]

Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools

The NSA’s Equation Group hacking tools, leaked last Friday by the Shadow Brokers, have now been used to infect thousands of Windows machines worldwide, we’re told. On Thursday, Dan Tentler, founder of security shop Phobos Group, told The Register he’s seen rising numbers of boxes on the public internet showing signs they have DOUBLEPULSAR installed Read more about Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools[…]

Burger King ads talk to Google Home devices, make them talk when listening.

The advertisment says: “Hello Google, what is the whopper burger?” and Google home reads out the first line of the wiki page. So Google blocked Burger King. So BK re-recorded and Google Home devices recite the first Absolutely brilliant and very funny! Alexa next! And even more funny: changing the wiki page just as the Read more about Burger King ads talk to Google Home devices, make them talk when listening.[…]

Scammers place fake pins on Google Maps

A partnership between computer scientists at the University of California San Diego and Google has allowed the search giant to reduce by 70 percent fraudulent business listings in Google Maps. The researchers worked together to analyze more than 100,000 fraudulent listings to determine how scammers had been able to avoid detection—albeit for a limited amount Read more about Scammers place fake pins on Google Maps[…]

Shadow Brokers crack open NSA hacking tool cache for world+dog

The self-styled Shadow Brokers group has made a collection of NSA hacking tools and exploits publicly available. The group released a password for their archive, making it available to all and sundry. They (unsuccessfully) attempted to auction off the trove last year. In a (ranty) statement, Shadow Brokers said it was making the 2013 vintage Read more about Shadow Brokers crack open NSA hacking tool cache for world+dog[…]

“BrickerBot” tries to kill your poorly secured IoT things

The Bricker Bot PDoS attack used Telnet brute force – the same exploit vector used by Mirai – to breach a victim’s devices. Bricker does not try to download a binary, so Radware does not have a complete list of credentials that were used for the brute force attempt, but were able to record that Read more about “BrickerBot” tries to kill your poorly secured IoT things[…]

About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals

A new attack on smart TVs allows a malicious actor to take over devices using rogue DVB-T (Digital Video Broadcasting — Terrestrial) signals, get root access on the smart TV, and use the device for all sorts of nasty actions, ranging from DDoS attacks to spying on end users. […] Scheel’s method, which he recently Read more about About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals[…]

Bloke, 48, accused of whaling two US tech leviathans out of $100m

According to allegations in the indictment against Rimasauskas, which was unsealed this week, he had orchestrated his scheme between 2013 and 2015, targeting “a multinational technology company and a multinational online social media company” and tricking them into wiring funds to bank accounts under his control. The bank accounts in question belonged to companies that Read more about Bloke, 48, accused of whaling two US tech leviathans out of $100m[…]

Russian mastermind of $500m bank-raiding Citadel coughs to crimes

Mark Vartanyan, who operated under the handle “Kolypto”, was arrested in Norway last year, and extradited to America in December. The 29-year-old was charged with one count of computer fraud. On Monday, he pleaded guilty [PDF] to a district court in Atlanta, US. He faces up to 10 years in the clink and a $250,000 Read more about Russian mastermind of $500m bank-raiding Citadel coughs to crimes[…]

Windows DRM can find your IP without you knowing if you’re watching properly signed wmv and asf files, can uncloak your tor anonymity

If you were to modify the above WRMHEADER or any of the three identified GUID objects you would find that on opening in Windows Media Player you are prompted with a warning from Windows Media Player. However, this warning DOES NOT appear if the DRM license has been signed correctly and the Digital Signature Object, Read more about Windows DRM can find your IP without you knowing if you’re watching properly signed wmv and asf files, can uncloak your tor anonymity[…]

Metasploit hwbridge connects to your car

We recently announced a new addition to Metasploit to help you do exactly that: the Hardware Bridge API. The Hardware Bridge API extends Metasploit’s capabilities into the physical world of hardware devices. Much in the same way that the Metasploit framework helped unify tools and exploits for networks and software, the Hardware Bridge looks to Read more about Metasploit hwbridge connects to your car[…]

PostScript printers extremely vulnerable outside of the network

If PostScript is the printer driver, the printer is vulnerable to what they call Cross-Site Printing attacks, documented in detail at Hacking Printers here. The bugs range from attackers exfiltrating copies of what’s sent to printers, to denial-of-service, code execution, forced resets and even bricking the targets. The work from the University Alliance Ruhr landed Read more about PostScript printers extremely vulnerable outside of the network[…]

MongoDB hackers now sacking ElasticSearch

Some 35,000 mostly Amazon Web Services ElasticSearch servers are open to the internet and to ransoming criminals, Shodan boss John Matherly says. So far more than 360 instances have had data copied and erased, held to ransom using the same techniques that blitzed tens of thousands of MongoDB servers this week. Affected ElasticSearch administrators are Read more about MongoDB hackers now sacking ElasticSearch[…]

New Android-infecting malware brew hijacks devices and then attacks your wifi router

Hackers have brewed up a strain of Android malware that uses compromised smartphones as conduits to attack routers.The Switcher trojan does not attack Android device users directly. Instead, the malware uses compromised smartphones and tablets as tools to attack any wireless networks they connect to.Switcher brute-forces access to the network’s router and then changes its Read more about New Android-infecting malware brew hijacks devices and then attacks your wifi router[…]

Yahoo Suffers World’s Biggest Hack Affecting 1 Billion Users ub 2013

Yahoo has discovered a 3-year-old security breach that enabled a hacker to compromise more than 1 billion user accounts, breaking the company’s own humiliating record for the biggest security breach in history. The digital heist disclosed Wednesday occurred in August 2013, more than a year before a separate hack that Yahoo announced nearly three months Read more about Yahoo Suffers World’s Biggest Hack Affecting 1 Billion Users ub 2013[…]

SWIFT confirms 1/5th of cyber attacks get through, steal money.

Cyber attacks targeting the global bank transfer system have succeeded in stealing funds since February’s heist of $81 million from the Bangladesh central bank as hackers have become more sophisticated in their tactics, according to a SWIFT official and a previously undisclosed letter the organization sent to banks worldwide. Source: Exclusive: SWIFT confirms new cyber Read more about SWIFT confirms 1/5th of cyber attacks get through, steal money.[…]

Surveillance camera compromised in 98 seconds

Robert Graham, CEO of Errata Security, on Friday documented his experience setting up a $55 JideTech security camera behind a Raspberry Pi router configured to isolate the camera from his home network. According to Graham’s series of Twitter posts, his camera was taken over by the Mirai botnet in just 98 seconds. Note: it was Read more about Surveillance camera compromised in 98 seconds[…]

Three Mobile hack: millions of UK customers breached

hree has suffered a massive data breach in which the personal information and contact details of millions of customers could have been accessed. It is believed to one of the largest hacks of its kind to affect people living in Britain. Here’s everything you need to know about the hack. What happened? UK-based cyber criminals Read more about Three Mobile hack: millions of UK customers breached[…]

Enter 30 to shell: Cryptsetup Initram Shell / instant access to encrypted linux machines

An attacker with access to the console of the computer and with the ability to reboot the computer can launch a shell (with root permissions) when he/she is prompted for the password to unlock the system partition. The shell is executed in the initrd environment. Obviously, the system partition is encrypted and it is not Read more about Enter 30 to shell: Cryptsetup Initram Shell / instant access to encrypted linux machines[…]

Bangladesh hopes to recover $30 million more from $81m cyber heist

Bangladesh’s central bank hopes to retrieve $30 million more of the $81 million stolen from its account at the New York Federal Reserve in February, two bank officials said on Monday. Hackers used stolen Bangladesh Bank credentials to try to send three dozen SWIFT messages to transfer nearly $1 billion from its Fed account. They Read more about Bangladesh hopes to recover $30 million more from $81m cyber heist[…]

AdultFriendFinder was hacked, together with affiliates. 400m users data out there

Adultfriendfinder.com 339,774,493 users “World’s largest sex & swinger community” Cams.com 62,668,630 users “Where adults meet models for sex chat live through webcams” Penthouse.com 7,176,877 users Adult magazine akin to Playboy Stripshow.com 1,423,192 users Another 18+ webcam site iCams.com 1,135,731 users “Free Live Sex Cams” Unknown domain 35,372 users Total: 412,214,295 aff Source: AdultFriendFinder was hacked Read more about AdultFriendFinder was hacked, together with affiliates. 400m users data out there[…]

BlackNurse: Ping of death is back, DoS using only a laptop

Remember the days back in the 90s when you could cripple someones Internet connection simply by issuing a few PING command like “ping -t [target]”? This type of attack was only successful if the victim was on a dial-up modem connection. However, it turns out that a similar form of ICMP flooding can still be Read more about BlackNurse: Ping of death is back, DoS using only a laptop[…]