www.hackread.com

By Waqas

Android is undoubtedly one of the most vulnerable operating systems for smartphones with hackers developing new Android malware every 17 seconds. To prove the point researchers have exposed a malware campaign known as “Gooligan” that has been targeting Android users and so far has breached more than 1 million Google accounts of users around the […]

This is a post from HackRead.com Read the original post: Gooligan Attack on Android: Millions of Google Accounts Compromised http://ift.tt/2gH7EzJ http://ift.tt/2aM8QhC

Anúncios

Malware para Android rouba mais de 1 milhão de contas do Google

Malware para Android rouba mais de 1 milhão de contas do Google Vírus Gooligan vem infectando dispositivos equipados com versões mais antigas do Android, a 4.1 a 5.1, que ainda são amplamente utilizadas, especialmente na Ásia http://ift.tt/eA8V8J http://ift.tt/2gKUFcy http://ift.tt/2aM8QhC

Malware para Android rouba mais de 1 milhão de contas do Google

Malware para Android rouba mais de 1 milhão de contas do Google Vírus Gooligan vem infectando dispositivos equipados com versões mais antigas do Android, a 4.1 a 5.1, que ainda são amplamente utilizadas, especialmente na Ásia http://ift.tt/eA8V8J http://ift.tt/2gKUFcy http://ift.tt/2aM8QhC

German Minister Proposes Data Protection Law Aimed at Limiting Privacy Rights

By Carolina

German interior minister has proposed a draft law for data protection (DVD) in which the powers and authorities of German Data Protection department have been limited greatly and they cannot even investigate suspected breaches of legal and medical records of people. Also Read: Statues of Snowden, Assange, Manning unveiled in Berlin’ Alexanderplatz square This particular bill will also […]

This is a post from HackRead.com Read the original post: German Minister Proposes Data Protection Law Aimed at Limiting Privacy Rights http://ift.tt/2gJeBhd http://ift.tt/2aM8QhC

Just Pressing Shift+F10 During Windows 10 Update Makes Your PC Super Easy To Hack – Fossbytes

Just Pressing Shift+F10 During Windows 10 Update Makes Your PC Super Easy To Hack

Short Bytes: A security researcher named Sami Laiho has found a simple flaw in the Windows 10 update procedure that can let a hacker bypass BitLocker and access elevated Command Line. To do so, one needs to hold Shift+F10 during the update process. Laiho advises the users to avoid leaving their PCs unattended during the update process. […]

The post Just Pressing Shift+F10 During Windows 10 Update Makes Your PC Super Easy To Hack appeared first on Fossbytes. http://ift.tt/2gKpezh http://ift.tt/2aM8QhC

Computer Systems at Carleton University Shut Down due to Ransomware

By Uzair Amir

Carleton University (Canada, Ottawa, Ontario) students must keep their computers and Wi-Fi routers off because some of the computers at the university are infected with ransomware. The malware uses encryption to lock the files on the system and ask for ransom. On Tuesday morning, the IT department of the university issued a notification to staff […]

This is a post from HackRead.com Read the original post: Computer Systems at Carleton University Shut Down due to Ransomware http://ift.tt/2gxKnxt http://ift.tt/2aM8QhC

XSSER – From XSS to RCE

From XSS to RCE 2.5 – Black Hat Europe Arsenal 2016Demo

Version 2.0 – 2015: https://www.youtube.com/playlist?list=PLIjb28IYMQgqqqApoGRCZ_O40vP-eKsgf

Version 2.5 – 2016: https://www.youtube.com/playlist?list=PLRic6PgcrsWGkgacL6WFnSQKVRZIoofRj

Requirements

Python (2.7.*, version 2.7.11 was used for development and demo)

Gnome

Bash

Msfconsole (accessible via environment variables)

Netcat (nc)

cURL (curl) [NEW]

PyGame (apt-get install python-pygame) [NEW]

Payload Compatibility

Chrome (14 Nov 2015) – This should still work.

Firefox (04 Nov 2016) – Tested live at Black Hat Arsenal 2016

WordPress Lab

WordPress http://wordpress.org/

Better WP Security 3.5.3 http://ift.tt/2fD3Ob2

Optional: WPSEO http://ift.tt/1blM6kR

WordPress Exploit

http://ift.tt/2gJHokL

Joomla Lab

Joomla https://www.joomla.org/

SecurityCheck 2.8.9 http://ift.tt/2fD3rNY

Joomla Exploit

http://ift.tt/2gJJvVG

Directories

Audio: Contains remixed audio notifications.

Exploits: Contains DirtyCow (DCOW) privilege escalation exploits.

Joomla_Backdoor: Contains a sample Joomla extension backdoor which can be uploaded as an administrator and subsequently used to execute arbitrary commands on the system with system($_GET[‘c’]).

Payloads/javascript: Contains the JavaScript payloads. Contains a new “add new admin” payload for Joomla.

Shells: Contains the PHP shells to inject, including a slightly modified version of pentestmonkey’s shell that connects back via wget.

Developed By

Hans-Michael Varbaek

Sense of Security

Credits

MaXe / InterN0T

Download XSSER http://ift.tt/2gJK0Pt http://ift.tt/2aM8QhC