The Hacker News reports that
the world’s infamous Angler exploit kit has become the most advanced, much more powerful and the best exploit kit available in the market, beating the infamous BlackHole exploit kit, with a host of exploits including zero-days and a new technique added to it.
Joomla websites using the Googlemaps plugin for Joomla are actively abused as open proxy for launching Denial-of-Service (DoS) attacks. Even though the Googlemaps plugin vulnerability
plugin_googlemap2_proxy.php was released over one and a half (1,5) years ago, I still see these DoS-attacks happening on a regular basis…
Security Advisory 3010060 provides additional protections regarding limited, targeted attacks directed at Microsoft Windows customers. A cyberattacker could cause remote code execution if someone is tricked into opening a maliciously-crafted PowerPoint document that contains an infected Object Linking and Embedding (OLE) file.
SSDP amplified reflective DDoS attacks: The Internet Storm Center (ISC) InfoSec Handlers Diary Blog writes about a recent -significant- increase in both scanning for 1900/UDP and a huge increase of 1900/UDP being used for amplified reflective DDOS attacks: 1900/UDP (SSDP) Scanning and DDOS
mail() function to perform remote code execution, under rare circumstances.
A vulnerability in PHP’s
phpinfo() function allows PHP scripts to read arbitrary strings from memory.
Back To The Future: Unix Wildcards Gone Wild: DefenseCode‘s Leon Juranic released an article explaining an old-school hacking technique: Unix wildcard poisoning attacks. No ASLR bypass, ROP exploits or 0day remote kernel exploits, but if you wonder how basic Unix tools like ‘tar’, ‘chmod’ or ‘chown’ can lead to full system compromise, keep on reading.
Summer vacation’s over? More and more SQL injection attacks observed
Since a week or so, I notice a huge increase in SQL injection attacks on various websites. Anyone else seeing the same SQL injection attacks lately? This increased SQL injection activity – on various web sites and databases – has the following characteristics:Continue reading
WordPress 3.9.2 is now available as a security release for all previous versions. We strongly encourage you to update your sites immediately. This release fixes a possible denial of service issue in PHP’s XML processing, reported by Nir Goldshlager of the Salesforce.com Product Security Team. It was fixed by Michael Adams and Andrew Nacin of the WordPress security team and David Rothstein of the Drupal security team. This is the first time our two projects have coordinated on joint security releases.
How to put a MySQL server to sleep()
sleep() command injection attacks: how not validating your PHP user input can lead to Denial of Service (DoS) attacks against websites and back-end database servers. Simply by putting “
AND sleep(3)” in the address bar… Happy SQL injection!
Let’s continue on the PGP (GnuPG, OpenPGP) and email security/privacy topics. Riseup put together an OpenPGP Best Practises guide.
“This post is about sending SMTP traffic between two servers on the Internet over Tor, that is without someone being able to easily see who is sending what to whom. IMHO, it can be helpful in some situations to certain groups of people.”
Chinese Android smartphones coming pre-installed with Uupay.D trojan: the cheap Star N9500 Android smartphone comes pre-installed with Uupay.D trojan, reports AmongTech (via Heise.de).