Jump to content

Search the Community

Showing results for tags 'hacking'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • NEWS
    • Coders-Resources News
  • General Chat Talk
    • Hacking News & Chat
    • Let It Out
    • mIRC Script Creations
  • Chat Networks
    • Coders-IRC
    • Koach.com
    • Buzzen
    • Sparkpea
    • IRC-Community
  • IRC Help and News
    • IRCd Snippets
    • Eggdrop
    • IRC Clients
    • IRC Servers & Rooms
  • Downloads
    • KVirc
    • Eggdrop
  • Tutorials
    • IRC Network Tutorials
    • IRC Client Tutorials
  • Support Files & DLL's
  • Slovenain Scriptz
  • KVIRc Client
    • KVIRC Updates
    • KVIRc Themes
    • KVIRc Addons

Categories

  • Info Addons
    • Addons ( Italian )
  • Scriptz(IRC)
    • Italian Scripts (IRC)
    • Romanian Scripts
    • Turkish Scripts
  • IRC Bots
  • Multiconn Scripts
  • Buzzen
    • Buzzen Addons
    • Buzzen Archives
  • Sparkpea (ircwx)
    • Sparkpea Scripts (ircwx)
    • Sparkpea Connections (ircwx)
  • Script Support Files & DLL's
  • IRC Administration Resources
  • IRCd's
  • Server Clients
  • Scripting Essentials
  • MSN Archive Scripts
    • Addons
    • War Scriptz
    • MSN Addons
  • EggDrop
    • Anti-Spam Scripts
    • Info Scripts
    • Eggdrop Modules ( French )
    • Game Scripts
    • Greet Scripts
    • Services Scripts
  • KVIrc
    • KVIrc Addons
    • KVIrc Theme's
    • KVIrc exe
  • IRC Addons
    • IRC Game Addons
    • Socket Addon
    • Seen Addons
    • Search Addons
    • Scan Addons
    • Misc Addons
    • Query Addons
    • IRC Tool Addons
    • Protection addons
  • IRCWX
    • IRCWX Scripts
    • IRCWX Addons
    • IRCWX Connections

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 5 results

  1. Cybersecurity researchers have disclosed a novel technique adopted by threat actors to deliberately evade detection with the help of malformed digital signatures of its malware payloads. "Attackers created malformed code signatures that are treated as valid by Windows but are not able to be decoded or checked by OpenSSL code — which is used in a number of security scanning products," Google Threat Analysis Group's Neel Mehta said in a write-up published on Thursday. The new mechanism was observed to be exploited by a notorious family of unwanted software known as OpenSUpdater that's used to download and install other suspicious programs on compromised systems. Most targets of the campaign are users located in the U.S. who are prone to downloading cracked versions of games and other grey-area software. The findings come from a set of OpenSUpdater samples uploaded to VirusTotal at least since mid-August. READ MORE HERE
  2. More HereThe U.S. Department of Justice (DoJ) on Wednesday indicted three suspected North Korean hackers for allegedly conspiring to steal and extort over $1.3 billion in cash and cryptocurrencies from financial institutions and businesses. The three defendants — Jon Chang Hyok, 31; Kim Il, 27; and Park Jin Hyok, 36 — are said to be members of the Reconnaissance General Bureau, a military intelligence division of North Korea, also known as the Lazarus group, Hidden Cobra, or Advanced Persistent Threat 38 (APT 38). Accusing them of creating and deploying multiple malicious cryptocurrency applications, developing and fraudulently marketing a blockchain platform, the indictment expands on the 2018 charges brought against Park, one of the alleged nation-state hackers previously charged in connection with the 2014 cyberattack on Sony Pictures Entertainment. A Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes "North Korea's operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world's leading bank robbers," said Assistant Attorney General John C. Demers of the Justice Department's National Security Division.
  3. A researcher discovered a serious vulnerability in an Xbox subdomain that exposed email addresses behind Xbox accounts. It only required an adversary to meddle with cookie files to extract this information. Xbox Subdomain Vulnerability Researcher Joseph Harris discovered a serious security flaw risking Xbox users’ privacy. The vulnerability existed in the “enforcement.xbox.com” subdomain – the portal letting Xbox users view and manage the enforcement actions against their profiles. Sharing the details with ZDNet, the researcher elaborated that when an Xbox user signs in to the portal, it creates a cookie file on the users’ browser having details of the web session. While this cookie helps in letting the user in without re-authentication, that’s where the problem existed. Specifically, this cookie file included Xbox user ID (XUID) in unencrypted form. Thus, anyone capable of meddling with the cookie file could change this XUID to retrieve other users’ names as well as the email addresses. The following video demonstrates the Xbox subdomain vulnerability leaking users’ data. Microsoft Deployed A Fix Upon discovering the vulnerability, the researcher reported the matter to Microsoft via their Xbox bug bounty program. Microsoft launched this bug bounty program for Xbox earlier this year. Following this report, Microsoft patched the bug last month simply by encrypting the XUIDs. Since it was a server-side fix, users don’t have to do anything to receive the fix. For them, the site continues to work the same way it did. It’s just that it no more discloses the users’ details. Although, this bug couldn’t allow hacking user accounts or the Xbox network. Nonetheless, it did allow an adversary to link users’ real email addresses with gamer tags and profile them. This could further lead to cyberbullying issues as well. Given the less-severe impact of the bug, it didn’t qualify for a bounty. Nonetheless, Microsoft still agreed to list the researcher’s name on its Hall of Fame. Attribution link: https://latesthackingnews.com/2020/11/27/xbox-subdomain-vulnerability-exposed-users-email-addresses/
  4. Drupal, the fourth popular most popular CMS behind the websites today, has released emergency fixes for some critical flaws. Exploiting these vulnerabilities allows code execution attacks. Drupal confirmed known exploits exist. Drupal Code Execution Flaws Reportedly, Drupal has disclosed two serious security flaws, via a recent advisory, that could allow code execution attacks. As elaborated, two critical severity arbitrary PHP code execution flaws affected the different CMS versions. These include CVE-2020-28948 and CVE-2020-28948. Describing the issue in the advisory, Drupal stated, Attribution link: https://latesthackingnews.com/2020/11/28/drupal-release-emergency-fixes-for-critical-code-execution-flaws/ Drupal, the fourth popular most popular CMS behind the websites today, has released emergency fixes for some critical flaws. Exploiting these vulnerabilities allows code execution attacks. Drupal confirmed known exploits exist. Drupal Code Execution Flaws Reportedly, Drupal has disclosed two serious security flaws, via a recent advisory, that could allow code execution attacks. As elaborated, two critical severity arbitrary PHP code execution flaws affected the different CMS versions. These include CVE-2020-28948 and CVE-2020-28948. Describing the issue in the advisory, Drupal stated, Attribution link: https://latesthackingnews.com/2020/11/28/drupal-release-emergency-fixes-for-critical-code-execution-flaws/ Drupal, the fourth popular most popular CMS behind the websites today, has released emergency fixes for some critical flaws. Exploiting these vulnerabilities allows code execution attacks. Drupal confirmed known exploits exist. Drupal Code Execution Flaws Reportedly, Drupal has disclosed two serious security flaws, via a recent advisory, that could allow code execution attacks. As elaborated, two critical severity arbitrary PHP code execution flaws affected the different CMS versions. These include CVE-2020-28948 and CVE-2020-28948. Describing the issue in the advisory, Drupal stated, Attribution link: https://latesthackingnews.com/2020/11/28/drupal-release-emergency-fixes-for-critical-code-execution-flaws/
  5. Facebook released its internally-developed Pysa security tool. Based on the open-source code of Pyre project, Facebook designed Pysa as a static code analyzer. The tool specifically looks for security bugs, unlike most other analyzers. Facebook decided to opensource the tool after witnessing its success in security Instagram. The tech giant’s internal team used the tool for identifying various bugs. Sharing the details of the tool in a post, Facebook stated, Attribution link: https://latesthackingnews.com/2020/08/11/facebook-launches-pysa-instagram-security-tool-as-open-source/
×
×
  • Create New...