securityXspace: a blog about cyber-philosophy.
-
Inside the Mind of Cyber Criminals
http://ift.tt/2fYHoOs To learn more about how cyber criminals operate in the dark web, we asked our own Andrei Barysevich a few questions. Below is what he had to say. You have spent a great deal of time studying actual cyber crime activity, forums, and behavior in recent months. What are some of the things you’ve…
-
netsec/ Q3-2016: State of The Internet Security Report by Akamai
Akamai publish the Q3 2016 State of the Internet Security Report. TL;DR: DDoS Attacks in Q3 2016 vs Q3 2015: 71% increase in total DDoS attacks 77% increase in infrastructure layer (layer 3&4) attacks 138% increase in attacks > 100Gbps: 19 vs 8 DDoS attacks, Q3 2016 vs. Q2 2016: 8% decrease in total DDoS…
-
![netsec/ Nginx (Debian) – Root PrivEsc [CVE-2016-1247]](https://securityx.space/wp-content/uploads/2016/11/nginx.png?w=469)
netsec/ Nginx (Debian) – Root PrivEsc [CVE-2016-1247]
Video PoC Exploit for Nginx packaging on Debian-based distros The video below demonstrates how an attacker using the CVE-2016-1247 vulnerability in Nginx packaging on Debian-based systems (such as Debian, Ubuntu etc.), could escalate their privileges to root user upon gaining access to the system as www-data user. In the presented scenario, the attacker gains the…
-
/r/netsec/Risky design decisions in Google Chrome and Fedora desktop enable drive-by downloads
Risky design decisions in Google Chrome and Fedora desktop enable drive-by downloads Ref: http://ift.tt/2eDoX4q Date: November 15, 2016 at 10:04PM Author: albinowax
-
SSHowDowN Proxy attacks – A 12-Year-Old SSH bug exposes more than 2M IoT Devices
SSHowDowN Proxy attacks – A 12-Year-Old SSH bug exposes more than 2M IoT Devices http://ift.tt/2eyO4F0 Akamai Technologies revealed that hackers are exploiting a 12-year-old bug in OpenSSH to hack into millions of IoT devices with SSHowDowN Proxy attacks. IoT devices are a privileged target for hackers, design flaws and wrong configurations open to the attackers.…
-
Air Force Investigating Outage Of Classified Computer System At Key Drone Base
Air Force Investigating Outage Of Classified Computer System At Key Drone Base http://ift.tt/2e2Rakk Air Force Investigating Outage Of Classified Computer System At Key Drone Base:
-
keithjjones/hostintel
keithjjones/hostintel http://ift.tt/2dSaySS keithjjones/hostintel: And http://ift.tt/2dSdcbi Simple tools to do simple things.
-
Attempting to Bypass ASLR on Windows 7 into a Reverse Shell via /r/netsec
Attempting to Bypass ASLR on Windows 7 into a Reverse Shell http://ift.tt/2dRC27X
-
TLS nonce-nse via /r/netsec
TLS nonce-nse http://ift.tt/2dwcGKr
-
The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence
Analysis Summary A location-specific cyber risk program evaluates cyber threats and risk at non-HQ locations to increase an organization’s information security. Recorded Future expedites threat assessments — down to just two hours to generate an initial threat assessment for a country. Without Recorded Future, two people would need at least two months per country. Recorded…
securityXspace 