The State of Exploit Development: Part 2
In Part 1 of this two-part blog series, we addressed binary exploitation on Windows systems, including some legacy and contemporary mitigations that exploit writers and adversaries must deal with in today’s cyber landscape. In Part 2, we will walk through more of the many mitigations Microsoft has put in place.
Modern Mitigation #1: Page Table Randomization
As explained in Part …
exploit
The State of Exploit Development: Part 1
Memory corruption exploits have historically been one of the strongest accessories in a good red teamer’s toolkit. They present an easy win for offensive security engineers, as well as adversaries, by allowing the attacker to execute payloads without relying on any user interaction. Fortunately for defenders, but unfortunately for researchers and adversaries, these types of …
Over A Billion Malicious Ad Impressions Exploit WebKit Flaw to Target Apple Users
The infamous eGobbler hacking group that surfaced online earlier this year with massive malvertising campaigns has now been caught running a new campaign exploiting two browser vulnerabilities to show intrusive pop-up ads and forcefully redirect users to malicious websites. To be noted, hackers haven't found any way to run ads for free; instead, the modus operandi of eGobbler …
[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software, The Hacker News has learned. One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also …
PoC Exploit For Unpatched Windows 10 Zero-Day Flaw Published Online
An anonymous hacker with an online alias "SandboxEscaper" today released proof-of-concept (PoC) exploit code for a new zero-day vulnerability affecting the Windows 10 operating system—that's his/her 5th publicly disclosed Windows zero-day exploit [1, 2, 3] in less than a year. Published on GitHub, the new Windows 10 zero-day vulnerability is a privilege escalation issue that could …
Shopify Flaw Exposed Thousands of Merchants’ Revenue, Traffic Numbers
The flaw, which existed in a Shopify API endpoint, has been patched.