Linux Australia Breached by Hackers

Linux Australia, a consortium in charge of organizing Linux conferences Down Under, acknowledged over the weekend it was breached by attackers who were able to secure access to one of its servers, and with it, potential user information. In a detailed email to users on Saturday, the group’s...

MongoDB management tool exposure remote code execution vulnerability-vulnerability warning-the black bar safety net

MongoDB, the IT sector mainstream non-relational database NoSQL platform is one that is based on a table of a relational database of the popular alternatives. Recently, the management for MongoDB is a GUI tool phpMoAdmin is the storm has a very serious security vulnerability, once exploited, this...

Obama Administration Seeks More Legal Power to Disrupt Botnets

The federal government is seeking more legal power to step in and shut down botnets through an amendment to the existing criminal law, which would allow the Department of Justice to obtain injunctions to disrupt these malicious networks. The Obama administration has proposed an amendment to...

CloudFlare Aims to Defeat Massive DDoS Attacks with Virtual DNS

DDoS attacks have been a persistent problem for the the better part of 20 years, and as ISPs and enterprises have adjusted their defenses, attackers have adapted their tactics. One of the more effective tools in the attackers’ arsenal now is the use of botnets to generate massive numbers of DNS...

Ransomware Looming As Major Long-Term Threat

On May 30, 2014, law enforcement officials from the FBI and Europol seized a series of servers that were being used to help operate the GameOver Zeus botnet, an especially pernicious and troublesome piece of malware. The authorities also began an international manhunt for a Russian man they said...

Ramnit Botnet Shut Down

The Ramnit botnet, a favorite among thieves dabbling in financial fraud for its frequent updates, has been shut down in a joint effort spearheaded by Europol’s European Cybercrime Centre EC3. In a statement today, EC3 said investigators from across Europe, along with Microsoft, AnubisNetworks and...

Europol Takes Down RAMNIT Botnet that Infected 3.2 Million Computers

It seems like the world has declared war against the Cyber Criminals. In a recent update, we reported that FBI is offering $3 Million in Reward for the arrest of GameOver Zeus botnet mastermind, and meanwhile British cyber-police has taken down widely-spread RAMNIT botnet. The National Crime Agen...

FBI Offers $3 Million Reward For Arrest Of Russian Hacker

The US State Department and the Federal Bureau of Investigation announced Tuesday a $3 Million reward for the information leading to the direct arrest or conviction of Evgeniy Mikhailovich Bogachev, one of the most wanted hacking suspects accused of stealing hundreds of millions of dollars with h...

PT-2015-1277

Name of the Vulnerable Software and Affected Versions D-Link DIR-645 Wired/Wireless Router Rev. Ax versions prior to 1.04b12 Description The HNAP Home Network Administration Protocol interface fails to properly neutralize special characters used in OS commands. This allows remote attackers to...

Google releases Cloud-based Web App Vulnerability Scanner and Assessment Tool

Google on Thursday unleashed its own free web application vulnerability scanner tool, which the search engine giant calls Google Cloud Security Scanner, that will potentially scan developers' applications for common security vulnerabilities on its cloud platform more effectively. SCANNER ADDRESSE...

ZeroAccess Returns, Resumes Click-Fraud Activity

Long thought dead, the peer-to-peer P2P ZeroAccess botnet has resurfaced, and as of just a few weeks ago, has returned to propagating click-fraud scams. Researchers with Dell’s SecureWorks revealed Wednesday that they witnessed the botnet restart itself from March 21 to July 2, 2014 and that...

Malicious software new play: hidden in the Pastebin on the backdoor-vulnerability warning-the black bar safety net

Quickly share text, code, website, Pastebin often used by hackers are used to share their libraries, stolen data and other code, and now it really is for hackers. Recently security researchers actually found hackers is via Gmail drafts, Evernote and other platforms to control the botnet. Security...

Lizard Squad's DDoS Site Runs on Hacked Home Routers

The distributed denial of service attacks that crippled both Xbox Live and the PlayStation Network PSN shortly after the holidays came at the hands of a botnet largely comprised of hacked home routers. The botnet is managed by Lizard Squad, the group of hackers that took credit for knocking the...

Phase botnet blind SQL injection vulnerability

Get Phase botnet login information via blind SQL injection. Usage Info php pwn.php ?php // Panel.zip hash: c49c74a609b24284a0a66fc008c4d8f2 // Start with PHP CLI php pwn.php settimelimit0; // Adjust this : define'SLEEPTIME', '4'; define'PAGETIME', 4; define'URL', 'http://localhost/Phase/';...

Upatre Downloader Spreading Dyreza Banking Trojan

The Upatre downloader is the vehicle that has driven numerous banking Trojan and ransomware attacks to the front door of countless victims at great cost. Microsoft on Thursday warned of a wire-transfer spam campaign that it’s spotted that is spreading Upatre and eventually loading the dangerous...

iBanking botnet Shell Upload Vulnerability

Exploit for php platform in category web applications FiLEZ: 0day.today 2018-03-28...

Atrax Botnet Shell Upload Vulnerability

Exploit for php platform in category web applications import random import string import base64 import urllib import urllib2 payload = '' url = 'http://localhost/atrax/' BOTMODEINSERT = 'b' BOT MODE BOTMODERUNPLUGIN = 'e' GETPARAMMODE = 'a' GET PARAM POSTPARAMGUID = 'h' POST PARAM POSTPARAMIP = '...

Matsnu Botnet DGA Builds Domains From List of Nouns, Verbs

Domain generation algorithms have been botmasters’ favorite tool for keeping malware up and running—and for frustrating security researchers and detection technologies. Like malware, DGAs evolve, thus complicating an already tricky cat-and-mouse game between criminals and white hats. The latest i...

Bash broken shell vulnerability ShellShock and Transfiguration: for the mail server SMTP attack-vulnerability warning-the black bar safety net

Bash broken shell vulnerability, ShellShock, CVE-2 0 1 4-6 2 7 1 new using the method again! According to the Internet storm center SANS InternetStorm Center for the latest news: a broken shell vulnerability the latest The use of the method of initiation of a new round of attack is brewing, this...

Shellshock Exploits Used Against SMTP Servers at Webhosts

The persistence of the Shellshock vulnerability remains high more than a month after it first surfaced. The latest attacks involved SMTP servers belonging to web hosts, said a report published by the SANS Internet Storm Center. Attackers are using Shellshock exploits targeting the now infamous...