background preloader

Hacking

Facebook Twitter

Norse sur Twitter : "Bypassing Antivirus with Shellter 4.0 on Kali Linux #Linux @Cyberarms #hacking. Bypassing Antivirus with Shellter 4.0 on Kali Linux. Featured Articles Having trouble getting a Meterpreter shell past that pesky AV?

Bypassing Antivirus with Shellter 4.0 on Kali Linux

Check out the new Shellter 4.0 shell obfuscation program! The latest version of Shellter for pentesters was revealed at B-Sides Lisbon earlier this month. Updates include increased obfuscation through a custom encoder and polymorphic decoder. Also this version saves a few steps by including the most common Meterpreter shells. Shellter works by taking a legit Windows .exe file, adds the shell code to it and then does a great job of modifying the file for AV bypass.

So enough talk, let’s see it in action! 1. Healthcare sector is finding ways to minimize hackability. Did you know the healthcare industry is a far easier target for hackers to invade than the banking or retail industries?

Healthcare sector is finding ways to minimize hackability

With more entry points into healthcare systems, cybercriminals can attack medical devices — CT and PET scanners, MRI machines, and PACS via MEDJACK (medical device hijack) and infect them with malware — thus creating back doors into your hospital network. Hackers in the Darknet are already discussing the possibilities. They can sit on PHI (Protected Health Information) for a year or more with the knowledge that the stolen data will eventually create a highly lucrative financial nest egg. Last year, the FBI distributed private notices to healthcare providers, urging them to report suspicious or criminal activities. The agency stated that the healthcare industry is not as resilient to cyber intrusions because security is not as mature as financial and retail sectors, “therefore the possibility of increased cyber intrusions is likely.”

Vulnerabilities. The Hackingteam Archives. Hack and Don't Talk Smack - Norse. Featured Articles There was a time when a reporter was called a hack.

Hack and Don't Talk Smack - Norse

This term referred to their ability to hack away on a typewriter to create a story on a short deadline. Somewhere in the 1950’s MIT’s Railroad Club adopted the term when they saw a cool use of technology. Norse sur Twitter : "Hack and Don't Talk Smack via @hackerhigh #infosec #security #hacking... Hack and Don't Talk Smack - Norse.

Hack and Don’t Talk Smack. Hack and Don’t Talk Smack. What companies need to know about email hacking. Two days before Christmas, Coca-Cola disconnected voice mail at its Atlanta headquarters, telling people it was more productive to use alternative methods, such as texts, to reach people.

What companies need to know about email hacking

That news came amid continuing revelations surrounding the Sony email hacking scandal, making some people question whether electronic mail will also be relegated to the trash bin with land lines, portable typewriters and other outdated technology. “In the wake of the Sony hacking crisis, executives and other employees will avoid email and instead will look for safer, more secure alternatives, such as file sync and share platforms that are built for businesses, using higher security and tighter access control,” predicted Daren Gleniser, the field chief technology officer at Intralinks, a company that offers the type of technology he described.

Overwhelmed by targeted attacks Modern strategies What are some companies doing to address the issue? Attacks will happen. JailbreakMe 3.0. LulzSec's Top 3 Hacking Tools Deconstructed. Analysis suggests LulzSec was most effective using a relatively unknown vulnerability to launch large-scale, botnet-driven attacks against everyone from Sony to the Senate.

LulzSec's Top 3 Hacking Tools Deconstructed

(click image for larger view) Slideshow: 10 Massive Security Breaches In its 50-day hacking spree, how did the hacking group known as LulzSec manage to break into so many websites? All told, the group appears to have relied heavily on three attack techniques: using remote file include (RFI), SQL injections, and cross-site scripting. That's according to an analysis conducted by data security vendor Imperva, which studied the leaked LulzSec IRC chat logs recently published by the Guardian. Interestingly, according to the Open Web Application Security Project's list of the top 10 biggest application security risks, injection attacks and cross-site scripting, respectively, placed first and second. But RFI--a "not widely discussed" type of attack, according to Imperva--is a different story.

Get Cocoon. Hacking. Hacks. Technology & Hacking. YouTube hacked, Google Acknowledges. Malicious hackers attacked Google's YouTube on Sunday, exploiting a cross-site scripting (XSS) vulnerability on the ultra-popular video sharing site, hitting primarily sections where users post comments.

YouTube hacked, Google Acknowledges

"Comments were temporarily hidden by default within an hour [of discovering the problem], and we released a complete fix for the issue in about two hours. We’re continuing to study the vulnerability to help prevent similar issues in the future," a Google spokesman said via e-mail. The attack potentially put at risk YouTube cookies of users who visited a compromised page, but it couldn't be used to access their Google accounts, the spokesman said. As a precaution, YouTube users should log out of their account and log back in again.

To continue reading, register here to become an Insider It's FREE to join YouTube is by far the most popular video uploading and sharing site.