Posts

Samsung's bug bounty program will pay rewards of up to $200,000

With the growing number of cyber attacks and data breaches, a number of tech companies and organisations have started bug bounty programs to encourage hackers, bug hunters and researchers to find and responsibly report bugs in their services and get rewarded. Samsung is the latest tech company to launch a bug bounty program, announcing that the South Korean electronics giant will offer rewards of up to $200,000 to anyone who discovers vulnerabilities in its mobile devices and associated software. Dubbed the Mobile Security Rewards Program, the newly launched bug bounty program will cover 38 Samsung mobile devices released from 2016 onwards which currently receive monthly or quarterly security updates from the company. Conditions for rewards qualification: 1. Security vulnerability report ("Report") must be applicable to eligible Samsung Mobile devices, services, applications developed and signed by Samsung Mobile, or elig

Apache Struts 2: RCE (Remote Code Execution) vulnerability

Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers. The SANS Internet Storm Center issued an alert Thursday, saying an attack campaign is compromising Windows servers through a vulnerability tracked as CVE-2017-5638. The flaw is located in the Jakarta Multipart parser in Apache Struts 2 and allows attackers to execute system commands with the privileges of the user running the web server process. This vulnerability was patched on March 6 in Struts versions 2.3.32 and 2.5.10.1. Attackers started exploiting the flaw almost immediately, leaving very little time for server administrators to deploy the update. While the initial attack campaigns deployed simple backdoors and Unix bots, the latest attacks seen by researchers from SANS are deploying potentially much more damaging malware: the Cerber ransomware program. Cerber appeared over a year ago and has had time to mature. It is w

Bashware: Malware Can Abuse Windows 10's Linux Shell to Bypass Security Software

Bashware is the name of a new technique that allows malware to use a new Windows 10 feature called the Windows Subsystem for Linux (WSL) to bypass security software installed on an endpoint. Back in 2016, Microsoft announced WSL as a way to run a Linux shell (Bash) inside the Windows 10 operating system. This was done to appeal to the developer community, which primarily uses Linux because of its ease of use for programming-related tasks. WSL works by taking the Bash commands users type in a CLI, converting the shell commands to their Windows counterparts, processing the data inside the Windows kernel, and sending back a response to both the Bash CLI and a local Linux file system. The WSL feature has been under development in a beta stage since March 2016, but Microsoft recently announced that WSL would reach a stable release this autumn with the release of the Windows 10 Fall Creators Update, scheduled for October 17. The Bashware attack is invisible to current security so

BlueBorne Attacks Impact Billions of Bluetooth Devices

IoT-focused security company Armis Labs revealed a Bluetooth-based attack that impacts billions of devices, including Android, Linux, unpatched Windows, and iOS 10 or earlier devices. Along with the Bluetooth attack, which the company called "BlueBorne," Armis also revealed eight zero-day vulnerabilities that could be used to facilitate the BlueBorne attack against some devices. Devastating potential: according to Armis Labs, BlueBorne not only affects billions of smartphones, desktops, sound systems, and medical devices, but it requires no action from users. It is also invisible to users, and worst of all, it can start spreading from device to device on its own. Because the Bluetooth process has high privileges on most operating systems, once BlueBorne reaches a device it can also cause significant damage through remote code execution, man-in-the-middle (MITM) attacks, or by penetrating air-gapped networks that otherwise have no internet c

Fireball, A Chinese browser-hijacking malware infected 250 million computers worldwide

Security researchers have discovered a massive malware campaign that has already infected more than 250 million computers across the world, including Windows and Mac OS. Dubbed Fireball, this strain of Chinese browser-hijacking malware is an adware package that takes complete control of victims' web browsers and turns them into zombies, potentially allowing attackers to spy on victims' web traffic and steal their data. Fireball is capable of executing any code on the infected machines, resulting in a wide range of actions from stealing credentials to dropping additional software nasties. Check Point researchers, who discovered this massive malware campaign, linked the operation to Rafotech, a Chinese company which claims to offer digital marketing and game apps to 300 million customers. While the company is currently using Fireball to generate revenue by injecting advertisements into browsers, the malware can be quickly turned into

WannaCry’s successor EternalRocks is even worse: know about the new cyber threat

Following the host of worldwide ransomware attacks by a malware called WannaCry, a new one called EternalRocks has arrived and is said to be potentially more dangerous than the former. According to a report, researchers have said that ‘EternalRocks’ exploits the same vulnerability in Microsoft Windows that helped WannaCry spread to computers. The malware also uses an NSA tool known as ‘EternalBlue’ for proliferation, according to a report in Fortune. The report added that EternalRocks uses six other NSA tools, including EternalChampion, EternalRomance, and DoublePulsar, which is a part of the infamous ‘WannaCry’. The last 10 days have seen a wave of cyber attacks that have rendered companies helpless around the globe. Initially, it was just WannaCrypt or WannaCry that spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March this year. The malware encrypted files on infected machines and demanded payment fo

WannaCry ransomware attack

The WannaCry ransomware attack was a worldwide cyberattack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency. The attack started on Friday, 12 May 2017, and within a day was reported to have infected more than 230,000 computers in over 150 countries. Parts of Britain's National Health Service (NHS), Spain's Telefónica, FedEx and Deutsche Bahn were hit, along with many other companies in many other countries worldwide. WannaCry spreads across local networks and the Internet to systems that have not been updated with recent security updates, directly infecting any exposed systems. A "critical" patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems, nearly two months before the attack, but many organizations had not yet applied it. Those still running exposed older, unsupported op

Cross Site Scripting (XSS)

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page. Security on the web depends on a variety of mech