Posts

BlueBorne Attacks Impact Billions of Bluetooth Devices

IoT-focused security company Armis Labs revealed a Bluetooth-based attack that impacts billions of devices, including Android, Linux, and unpatched Windows and iOS 10 or earlier devices. Along with the Bluetooth attack, which the company called "BlueBorne," Armis also revealed eight zero-day vulnerabilities that could be used to facilitate the BlueBorne attack against some devices. Devastating Potential: According to Armis Labs, BlueBorne not only affects billions of smartphones, desktops, sound systems, and medical devices, but it requires no action from users. It's also invisible to users, and worst of all, it can start spreading from device to device on its own. Because the Bluetooth process has high privileges on most operating systems, once BlueBorne reaches a device it can also cause significant damage through remote code execution, man-in-the-middle (MITM) attacks, or by penetrating air-gapped networks that otherwise have no internet c

Fireball, a Chinese browser-hijacking malware, infected 250 million computers worldwide

Security researchers have discovered a massive malware campaign that has already infected more than 250 million computers across the world, including Windows and Mac OS. Dubbed Fireball, this strain of Chinese browser-hijacking malware is an adware package that takes complete control of victims' web browsers and turns them into zombies, potentially allowing attackers to spy on victims' web traffic and steal their data. Fireball is capable of executing any code on the infected machines, resulting in a wide range of actions from stealing credentials to dropping additional software nasties. Check Point researchers, who discovered this massive malware campaign, linked the operation to Rafotech, a Chinese company which claims to offer digital marketing and game apps to 300 million customers. While the company is currently using Fireball for generating revenue by injecting advertisements onto the browsers, the malware can be quickly turned into

WannaCry’s successor EternalRocks is even worse: know about the new cyber threat

Following the host of worldwide ransomware attacks by a malware called WannaCry, a new one called EternalRocks has arrived and is said to be potentially more dangerous than the former. According to a report, researchers have said that ‘EternalRocks’ exploits the same vulnerability in Microsoft Windows that helped WannaCry spread to computers. The malware also uses an NSA tool known as ‘EternalBlue’ for proliferation, according to a report in Fortune. The report added that EternalRocks uses six other NSA tools, including EternalChampion, EternalRomance, and DoublePulsar, which is a part of the infamous ‘WannaCry’. The last 10 days have seen a wave of cyber attacks that have rendered companies helpless around the globe. Initially, it was just WannaCrypt or WannaCry that spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March this year. The malware encrypted files on infected machines and demanded payment fo

WannaCry ransomware attack

The WannaCry ransomware attack was a worldwide cyberattack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency. The attack started on Friday, 12 May 2017, and within a day was reported to have infected more than 230,000 computers in over 150 countries. Parts of Britain's National Health Service (NHS), Spain's Telefónica, FedEx and Deutsche Bahn were hit, along with many other countries and companies worldwide. WannaCry spreads across local networks and the Internet to systems that have not been updated with recent security updates, to directly infect any exposed systems. A "critical" patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems, nearly two months before the attack, but many organizations had not yet applied it. Those still running exposed older, unsupported op

Cross Site Scripting (XSS)

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page. Security on the web depends on a variety of mech

Cross-Site Request Forgery (CSRF) Prevention

Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious web site, email, blog, instant message, or program causes a user’s web browser to perform an unwanted action on a trusted site for which the user is currently authenticated. The impact of a successful CSRF attack is limited to the capabilities exposed by the vulnerable application. For example, this attack could result in a transfer of funds, changing a password, or purchasing an item in the user's context. In effect, CSRF attacks are used by an attacker to make a target system perform a function via the target's browser without knowledge of the target user, at least until the unauthorized transaction has been committed. Impacts of successful CSRF exploits vary greatly based on the privileges of each victim. When targeting a normal user, a successful CSRF attack can compromise end-user data and their associated functions. If the targeted end user is an administrator account, a CSRF attac