Home » Tag Archives: attack

Tag Archives: attack

Fileless Malware Attack Evades AV with DNS

Malware authors never fail to find new ways of doing the same thing to go under the AV’s radar. Recently, Cisco’s security researchers team Talos spotted a novelty in controlling exploited computers. Dubbed DNSMessenger, it’s a Remote Administration Tool (RAT) that used DNS to communicate with Command & Control server. DNSMessenger Infection Chain Even though attack vector includes a file, ... Read More »

Balance.png

The Balance Attack – A Novel Type of Attack Against PoW Blockchains

Researchers, from the University of Sydney, identified a new type of attack, which they named the “Balance attack”, that can be launched against proof-of-work PoW blockcains such as ethereum’s and bitcoin’s. The attack is based on delay of network communications amongst groups of nodes that possess somehow balanced mining power. The theoretical analysis, of the authors of the paper, depicts ... Read More »

Single Computer DoS – Slow Loris Attack

Usually, hackers use a lot of computers (or toasters) to take down a server by overwhelming it with traffic. However, the same goal can sometimes be achieved with a single computer. In this article, I’m going to analyze my favorite denial of service attack known as Slow Loris attack and python code implementation from github. I found and tested 2 ... Read More »

http://www.aerotelegraph.com/wp-content/uploads/2016/12/hacker.jpg

Aviation Industry Under Attack By Chinese Hackers

A recent study by a security company shows that Chinese hackers are conducting successful cyberattacks on the aviation industry. Long since, security experts have been warning firms and governments against Chinese hacker attacks aiming at sensitive information and business secrets. Fire Eye, a security software company, released a report showing that the cybercriminals from the Asian country are attacking the ... Read More »

Recent DDoS Attack Sparks Consumer Need for IoT Protection

The massive DDoS attack that took out the host of several popular websites in the United States and Europe in October still didn’t seem to be enough to get the ball rolling on a set of national cybersecurity laws. Adam Levin, founder of the data protection company IDT911 sees the recent attack as one of several reasons to implement these ... Read More »

Tor’s Biggest Threat – Correlation Attack

Throughout the years of Tor existence many users lost their anonymity. I’m going to explain a technique called “Correlation Attack” that government agencies used in the past for that purpose. These include exploiting human errors as well as highly sophisticated mathematical methods exploiting software flaws. This attack has been around since Tor widespread usage began and it seems like it ... Read More »

FBI’s Attack On Tor Shows The Threat Of Subpoenas To Security Researchers

Security companies and institutes have a hard time doing their research nowadays. A lawsuit could be filed against them by the “victim” firm or even worse, they could be even criminally indicted if their white-hat hacking violates the Computer Fraud and Abuse Act. However, the biggest threat to researchers are subpoenas, which could be filed against them by law enforcement ... Read More »

New HTTPS Flaw: “DROWN” Attack

The OpenSSL project recently released a new update to address a critical vulnerability (CVE-2016-0800) dubbed “DROWN” which stands for “Decrypting RSA using Obsolete and Weakened eNcryption”. From the OpenSSL security advisory: “A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. ... Read More »

`Does Vulnerability Testing Expose All Attack Vectors ?

Study Case A – Penetration Testing By Navy Seals Team Six The Navy Seals Team 6 were assigned a tedious task by The Pentagon . Its mission is to move stealthily into the newly invented working space of NASA, locate where the servers are kept, retrieve classified information from the servers and finally get out of the building without being ... Read More »

Alphabay Under Attack, Alternate Links are Working Fine

As said by an official support account for Alphabay market: Alphabay Under Attack, alternate links are working fine – We are mitigating another DDoS attack. Will be resolved as usual. Please use the alternate links if the main link has issues. Alternative access links to Alphabay market are available here  & here. Read More »

Cryptanalytic Breakthrough: What Are Diffie-Hellman and the Logjam Attack?

Public key cryptography: What is Diffie-Hellman? When the expansion of electronic communication was becoming foreseeable in the 1970s, researchers in both public and classified environments began to reconsider how a secure message could be sent between two people on a public channel vulnerable to eavesdroppers. Simply put, the challenge is this: encrypting and decrypting a message requires a key. If ... Read More »