Monthly Archives: June 2017

//June

Web host agrees to pay $1m after it’s hit by Linux-targeting ransomware

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Technica

A Web-hosting service recently agreed to pay $1 million to a ransomware operation that encrypted data stored on 153 Linux servers and 3,400 customer websites, the company said recently.

The South Korean Web host, Nayana, said in […]

By |June 20th, 2017|Cyber News|

Privilege escalation bug in Unix OSes imperils servers everywhere

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

A raft of Unix-based operating systems—including Linux, OpenBSD, and FreeBSD—contain flaws that let attackers elevate low-level access on a vulnerable computer to unfettered root. Security experts are advising administrators to install patches or take other protective […]

By |June 20th, 2017|Cyber News|

Advanced network scan using NETATTACK

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

An advanced network scan and attack script based on GUI. 2nd version of no-GUI netattack.

NETATTACK 2 is a python script that scans and attacks local and wireless networks. Everything is super easy because of the GUI […]

By |June 19th, 2017|Cyber News|

Banks to be forced to reveal all cyber security breaches to the European Central Bank

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Jasper Jolly – Citya

All banks regulated by the European Central Bank (ECB) will be forced to reveal all major cyber security breaches, according to one of the supervisor’s bosses.

Starting this summer, banks directly supervised by the […]

By |June 19th, 2017|Cyber News|

Russia’s new cyber weapon turns up the heat on US efforts

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: WS Examiner

Reports that the Russians have an advanced new cyber weapon designed to penetrate and cripple opponents’ electrical grids, and perhaps other critical infrastructure, have struck a Cold War note with lawmakers. Yet, it was […]

By |June 19th, 2017|Cyber News|

Thailand plans cyber network scrutiny, law to toughen online monitoring

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Reuters

Thailand aims to buy software to strengthen the military government’s ability to track online networks and monitor online activity while planning a cyber law that will expand powers to pry into private communications.

The beefing up […]

By |June 19th, 2017|Cyber News|

Make hashdump module work with Windows 10 – SAM Mode

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Rogdham

The new patch mechanism dont allow you to get the hashdump on Windows 10. Currently the hashdump module will display all hash output are empty.

Example (all hash empty on Windows 10):
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
DefaultAccount:503:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
IEUser:1000:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
sshd:1001:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
sshd_server:1002:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::

Recently Rogdham came up with new […]

By |June 19th, 2017|Metasploit, Papers|

Grab TOR hidden service configurations in linux – Advance Footprinting

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credit: xcellerator

This is nice and clean post exploitation that steals hostnames and private keys of TOR hidden services originating from the target machine. The technique can be used and implemented in Advance Footprinting as well as Forensics.

Tested […]

By |June 19th, 2017|Metasploit, Papers|

UAC bypass module for Windows 10 – Metasploit

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credit: Christian

This module exploit a recently disclosed bypassuac method on windows 10 that is currently unpatched.
By editing a registry key and launching fodhelper.exe autoelevated process, one can get an elevated meterpreter session without dropping any file.
This technique […]

By |June 19th, 2017|Metasploit, Papers|

WIKILEAKS REVEALS HOW THE CIA COULD HACK YOUR ROUTER

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Source: Wired

YOUR WI-FI ROUTER, sitting in the corner of your home accumulating dust and unpatched security flaws, provides an attractive target for hackers. Including, according to a new WikiLeaks release, the CIA.

On Thursday, WikiLeaks published a […]

By |June 17th, 2017|Cyber News|