Hacking Wisdom
Follow
Find
3.0K views | +2 today
Scooped by Alessandro Parisi
onto Hacking Wisdom
Scoop.it!

Cookie Session Vulnerability in Ruby On Rails and Django

more...
No comment yet.
Hacking Wisdom
Your new post is loading...
Scooped by Alessandro Parisi
Scoop.it!

iOS Malware Campaign "Unflod Baby Panda" | SektionEins GmbH

more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Openssl Heartbleed Metasploit Module

Metasploit openssl heartbleed Exploit module

Alessandro Parisi's insight:

Metasploit openssl heartbleed Exploit module

more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

VMware patches man-in-the-middle vSphere vuln

VMware patches man-in-the-middle vSphere vuln | Hacking Wisdom | Scoop.it

Still no fix for Heartbleed, though experts say attacks improbable

more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Android Privilege Escalation in WebView component | HackingWisdom.com

Android Privilege Escalation in WebView component | HackingWisdom.com | Hacking Wisdom | Scoop.it

 A privilege escalation issue has been discovered in Android < 4.2's WebView component: the issue arises when untrusted Javascript code is executed by a WebView that has one or more Interfaces added to it.

The untrusted Javascript code can call into the Java Reflection APIs exposed by the Interface and execute arbitrary commands.

more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Physical Access No More Needed to Exploit USB Attacks

Physical Access No More Needed to Exploit USB Attacks | Hacking Wisdom | Scoop.it

Due to recent advances in a number of remoting technologies, USB attacks can now be launched over a network.

more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Cisco patches six security flaws that posed DoS cyber attack risk

Cisco patches six security flaws that posed DoS cyber attack risk | Hacking Wisdom | Scoop.it
Calls for IT managers to install IOS software fixes sooner rather than later
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Facebook flashes its One Tool To Rule Them All in security threat analysis

Facebook flashes its One Tool To Rule Them All in security threat analysis | Hacking Wisdom | Scoop.it
Code, or it didn't happen
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Vircurex Bitcoin exchange crumbles in the face of cyberattack | ZDNet

Vircurex Bitcoin exchange crumbles in the face of cyberattack | ZDNet | Hacking Wisdom | Scoop.it
After using cold storage funds to compensate users who lost Bitcoin to cyberattacks, Vircurex has bowed to the inevitable and is freezing user accounts.
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Hackers transform EA Web page into Apple ID phishing scheme - CNET

Hackers transform EA Web page into Apple ID phishing scheme - CNET | Hacking Wisdom | Scoop.it
One of the game maker's servers is breached -- allowing hackers to create a phony Apple log-in screen that prompts users for personal information. EA says it now has the situation under control.
more...
No comment yet.
Rescooped by Alessandro Parisi from d@n3n
Scoop.it!

How to stop memory acquisition by changing one byte.

In our recent paper, we examined memory acquisition in details and tested a bunch of tools. Memory acquisition tools have to achieve two tasks to be useful


Via Danen Raas
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Even HTTPS can leak your PRIVATE browsing

Even HTTPS can leak your PRIVATE browsing | Hacking Wisdom | Scoop.it
'Secure' browsing trapped in a BoG
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Steal WhatsApp database (PoC) | Bas Bosschert

Steal WhatsApp database (PoC) | Bas Bosschert | Hacking Wisdom | Scoop.it
Alessandro Parisi's insight:
“Is it possible to upload and read the WhatsApp chats from another Android application?”
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Fake Google accounts phishing email

Fake Google accounts phishing email | Hacking Wisdom | Scoop.it
Alessandro Parisi's insight:
no-reply@account.google.co    (fake address)  Gentile utente, I tuoi due messaggi in arrivo vengono memorizzati sullo stato sospeso a causa della recente aggiornamento del nostro database, Per poter ricevere i messaggi Clicca qui (fake address redirection) per iscriversi e aspettare la risposta.Ci scusiamo per il disagio e ringraziamo per la comprensione. Gmail, the submit button redirects to:   http://way.to/md1
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Attackers Exploit the Heartbleed OpenSSL Vulnerability to Circumvent Multi-factor Authentication on VPNs

Attackers Exploit the Heartbleed OpenSSL Vulnerability to Circumvent Multi-factor Authentication on VPNs | Hacking Wisdom | Scoop.it
Written by Christopher Glyer and Chris DiGiamo Less than a week since the public disclosure of the “Heartbleed” vulnerability, Mandiant incident responders have already identified successful attack...
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Wild at Heart: Were Intelligence Agencies Using Heartbleed in November 2013?

Wild at Heart: Were Intelligence Agencies Using Heartbleed in November 2013? | Hacking Wisdom | Scoop.it
Yesterday afternoon, Ars Technica published a story reporting two possible logs of Heartbleed attacks occurring in the wild, months before Monday's public disclosure of the vulnerability.
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Report says NSA exploited Heartbleed, kept flaw secret -- but agency denies it - CNET

Report says NSA exploited Heartbleed, kept flaw secret -- but agency denies it - CNET | Hacking Wisdom | Scoop.it
A Bloomberg report says the agency knew about the Heartbleed security flaw that's sent sites like Google scrambling to patch their systems -- but it kept it secret and used it to spy. The agency, however, says that's not so.
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Comodo AV Labs Identifies Dangerous Zeus Banking Trojan Variant - The Comodo Security Corner

Comodo AV Labs Identifies Dangerous Zeus Banking Trojan Variant - The Comodo Security Corner | Hacking Wisdom | Scoop.it
Internet Security
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Virtual cash thieves target Android

Virtual cash thieves target Android | Hacking Wisdom | Scoop.it
Android apps that have been downloaded millions of times have been subverted to mine virtual coins for cyberthieves, say security firms.
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Google denies accessing TechCrunch founder Michael Arrington's email to spy on leakers - CNET

Google denies accessing TechCrunch founder Michael Arrington's email to spy on leakers - CNET | Hacking Wisdom | Scoop.it
TechCrunch founder Michael Arrington has charged Google with accessing his Gmail account to find out who leaked news to him. Google denies it ever happened.
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Android smartphones and tablets could be bricked by security flaw

Android smartphones and tablets could be bricked by security flaw | Hacking Wisdom | Scoop.it
Security researchers uncover exploit in all Android versions, including 4.0 and above
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Linux worm Darlloz targets Intel architecture to mine digital currency | ZDNet

Linux worm Darlloz targets Intel architecture to mine digital currency | ZDNet | Hacking Wisdom | Scoop.it
A new variant of the Darlloz worm focuses on manipulating home systems to mine for digital currency beyond Bitcoin.
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

GUI Vulnerabilities Expose Information Disclosure, Privilege Escalation - Threatpost

GUI Vulnerabilities Expose Information Disclosure, Privilege Escalation - Threatpost | Hacking Wisdom | Scoop.it
GUI Vulnerabilities Expose Information Disclosure, Privilege Escalation Threatpost An attack, he claims, is reduced to manipulating one or multiple user interface widgets, which is easier than reverse engineering an application's binary, database...
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Security researchers uncover three-year-old 'RUSSIAN SPYware'

Security researchers uncover three-year-old 'RUSSIAN SPYware' | Hacking Wisdom | Scoop.it
Claim Agent.BTZ-alike Uroburos could be state-backed
more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Implementing a web server in a single printf() call | Tinyhack.com

more...
No comment yet.
Scooped by Alessandro Parisi
Scoop.it!

Google encrypts search traffic to combat PRISM and Chinese government spying

Google encrypts search traffic to combat PRISM and Chinese government spying | Hacking Wisdom | Scoop.it
Moves to protect users' privacy from hackers and data-harvesting spies
more...
No comment yet.