NSF Awards $15m for New Secure Internet Architecture

The National Science Foundation NSF is awarding $15 million in grants for the development, deployment and testing of future Internet architectures that are designed to enhance security, respond to emerging service challenges, and increase scalability. In 2010, the NSF Directorate for Computer and...

Comtrend CT 5361T Password Disclosure Vulnerability

Exploit for hardware platform in category web applications + Author: TUNISIAN CYBER + Exploit Title: Comtrend CT 5361T Password Disclosure Vulnerability + Date: 07-04-2014 + Category: WebApp + Tested on: Windows 7 Pro + Vendor: http://www.comtrend.com/ + Product:...

Millions of Vulnerable Routers aiding Massive DNS Amplification DDoS Attacks

The Distributed Denial of Service DDoS attack is becoming more sophisticated and complex with the increase in the skills of attackers and so, has become one of favorite weapon for the cyber criminals to temporarily suspend or crash the services of a host connected to the Internet and till now...

[RouterPassView] Recover lost password from router backup file

Most modern routers allow you to backup the configuration of the router into a file, and then restore the configuration from the file when it's needed. The backup file of the router usually contains important data like your ISP user name/password, the login password of the router, and wireless...

[ZynOS-Attacker] (TP-LINK TD-W8951ND Router) Tool for automated attack on a range of IP

With these scripts you can attack ZynOS routers and modify/extract anything you want on the target router from extracting ISP username and password to injecting rogue DNS servers IPs. Download ZynOS-Attacker...

EE BrightBox Router Vulnerabilities Exposed

Leave it to a software test engineer to be thorough about his home networking gear. Scott Helme, an engineer in the U.K., likes to take a close look at traffic coming and going from new devices installed at his home. Recently, he signed up for fiber service from Everything Everywhere, an ISP in t...

[SpiderFoot v2.1.0] The Open Source Footprinting tool

SpiderFoot is a free, open-source footprinting tool, enabling you to perform various scans against a given domain name in order to obtain information such as sub-domains, e-mail addresses, owned netblocks, web server versions and so on. The main objective of SpiderFoot is to automate the...

Hacker stole $100,000 from Users of California based ISP using SQL Injection

In 2013 we have seen a dramatic increase in the number of hack attacks attempted against banks, credit unions and utility companies using various techniques including DDoS attack, SQL injection, DNS Hijacking and Zero-Day Flaws. SQL Injection is one of the most common security vulnerabilities on...

Hacker stole $100,000 from Users of California based ISP using SQL Injection

In 2013 we have seen a dramatic increase in the number of hack attacks attempted against banks, credit unions and utility companies using various techniques including DDoS attack, SQL injection, DNS Hijacking and Zero-Day Flaws. SQL Injection is one of the most common security vulnerabilities on...

Full Disclosure - Multiple vulnerabilities in five Zoom ADSL Modem/Routers

Five models of the Zoom Telephonics ADSL Modem/Router line suffer from multiple critical vulnerabilities, almost all being of a remote access attack vector. Models affected: Zoom X3 ADSL Modem/Router Zoom X4 ADSL Modem/Router Zoom X5 ADSL Modem/Router Zoom ADSL Bridge Modem Model 5715 1...

Zoom Telephonics Bypass / Traversal / Improper Handling

Five models of the Zoom Telephonics ADSL Modem/Router line suffer from multiple critical vulnerabilities, almost all being of a remote access attack vector. Models affected: Zoom X3 ADSL Modem/Router Zoom X4 ADSL Modem/Router Zoom X5 ADSL Modem/Router Zoom ADSL Bridge Modem Model 5715 1...

Multiple Zoom Telephonics Devices Multiple Security Vulnerabilities (Aug 2013) - Active Check

Multiple Zoom Telephonics devices are prone to an information disclosure vulnerability, an authentication bypass vulnerability and an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright ...

Zoom X4 / X5 SQL Injection / Authentication Bypass Vulnerabilities

Zoom X4 and X5 modems suffers from authentication bypass and remote SQL injection vulnerabilities. Vulnerable Products - Zoom X4 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Zoom X5 ADSL Modem and Router running Nucleus/4.3...

Maldives Telecom ISP SQL Injection

Title: ====== Maldives Telecom ISP - SQL Injection Vulnerability Date: ===== 2013-06-15 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=355 VL-ID: ===== 355 Common Vulnerability Scoring System: ==================================== 9.3 Introduction: ============= Dhiraag...

Maldives Telecom ISP - SQL Injection Vulnerability

Document Title: =============== Maldives Telecom ISP - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=355 Release Date: ============= 2013-06-14 Vulnerability Laboratory ID VL-ID: ==================================== 355 Comm...

Open DNS Resolvers Center Stage in Massive DDoS Attacks

For some perspective on what 300 Gbps of traffic represents, let’s just pretend that your company, as a potential customer, put this massive volume of bits and bytes in front of 20 of the leading Internet service providers. Chances are, all but three or four will tell you “Thanks, but no thanks, ...

Anonymous General Purpose Operating System: Whonix

Whonix is a free desktop operating system OS that is specifically designed for advanced security and privacy. Based on Tor, Debian GNU/Linux and the principle of security by isolation, it realistically addresses common attack vectors while maintaining usability. Online anonymity is made possible...

Israeli Hackers Leak Credit Card Data from Palestine ISP

Along war with airstrikes between Israel and Palestine, Cyber war between hackers from both country on fire. First Hackers from all over world who supporting Palestine start attacking Israeli sites, now a hacker going by name "yourikan" has leaked a complete database from an ISP called PALNET...

Conceptronic Grab'n'Go and Sitecom Storage Center - Password Disclosure

Updated to include Sitecom MD-253 and MD254 Minor textual changes == Conceptronic Grab’n’Go and Sitecom Storage Center - Password disclosure Vulnerability - Security Advisory AA-002 Severity Rating: High Discovery Date: May 5, 2012 Vendor Notification: May 31, 2012 =Impact - System Access -...

Researchers Pull the Plug on Remaining Grum Botnet C&C Servers

Just a couple of days after authorities in the Netherlands pulled the plug on two of the four command-and-control servers behind the Grum spam botnet, the remaining C&C servers have been taken offline as well, thanks to a cooperative effort among researchers. As a result, the number of...