shrinath7d, Author at ExploitByte

How To Use DarkNet Safely?

December 4, 2020December 4, 2020 shrinath7d

How To Use DarkNet Safely? – The dark net isn’t a single, centralized location. Exactly like the outside net, It’s scattered among servers across the world. This guide will teach you on how best to get the dark net through Tor, brief for The Onion Router. Dark internet website URLs are usually appended with “.onion” in lieu of “.com” or even “.org”, signaling they’re only available to Tor users. Tor is a system of volunteer relays whereby the consumer’s internet connection is routed. The link is encrypted and the visitors…

Google Hacker Details Zero-Click ‘Wormable’ Wi-Fi Exploit to Hack iPhones

December 3, 2020December 3, 2020 shrinath7d

Google Project Zero white-hat hacker Ian Beer on Tuesday disclosed details of a now-patched critical “wormable” iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi. The exploit makes it possible to “view all the photos, read all the email, copy all the private messages and monitor everything which happens on [the device] in real-time,” said Beer in a lengthy blog post detailing his six-month-long efforts into building a proof-of-concept single-handedly. The flaw (tracked as CVE-2020-3843)…

Indian National Gets 20-Year Jail in United States for Running Scam Call Centers

December 2, 2020December 2, 2020 shrinath7d

An Indian national on Monday was sentenced to 20 years in prison in the Southern District of Texas for operating and funding India-based call centers that defrauded US victims out of millions of dollars between 2013 and 2016. Hitesh Madhubhai Patel (aka Hitesh Hinglaj), who hails from the city of Ahmedabad, India, was sentenced in connection with charges of fraud and money laundering. He was also ordered to pay restitution of $8,970,396 to identified victims of his crimes. Earlier this January, Patel pleaded guilty to wire fraud conspiracy and general…

How to Become an Ethical Hacker

December 1, 2020December 1, 2020 shrinath7d

How to Become an Ethical Hacker – Ethical hacking is the perfect career choice for those interested in problem solving, communication and IT security. Here’s what it takes to become a white hat hacker. How to Become an Ethical Hacker An essential guide to becoming an ethical hacker I receive lots of emails asking for guidance on how to become an ethical hacker. Most requests are on how to become a black hat hacker which are usually ignored. Let’s take a look at the definition of an ethical hacker. How…

Critical Unpatched VMware Flaw Affects Multiple Corporates Products

November 30, 2020 shrinath7d

VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system. “A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying operating system,” the virtualization software and services firm noted in its advisory. Tracked as CVE-2020-4006, the command injection vulnerability has a CVSS score of 9.1 out of 10 and impacts VMware Workspace…

Digitally Signed Bandook Malware Once Again Targets Multiple Sectors

November 29, 2020 shrinath7d

A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark Caracal in a new report published yesterday for their efforts to deploy “dozens of digitally signed variants” of the Bandook Windows Trojan over the past year, thus once again “reigniting interest in this old malware family.” The different verticals singled out by the threat actor…

What is Key Server in Cryptography?

November 28, 2020November 28, 2020 shrinath7d

What is Key Server in Cryptography? – At last we turn to key management. This is, without a doubt, the most difficult issue in cryptographic systems, which is why we left it to near the end. We’ve discussed how to encrypt and authenticate data, and how to negotiate a shared secret key between two participants. Now we need to find a way for Alice and Bob to recognize each other over the Internet. As you will see, this gets very complex very quickly. Key management is especially difficult because it…

Interpol Arrests 3 Nigerian BEC Scammers For Targeting Over 500,000 Entities

November 27, 2020 shrinath7d

Three Nigerian citizens suspected of being members of an organized cybercrime group behind distributing malware, carrying out phishing campaigns, and extensive Business Email Compromise (BEC) scams have been arrested in the city of Lagos, Interpol reported yesterday. The investigation, dubbed “Operation Falcon,” was jointly undertaken by the international police organization along with Singapore-based cybersecurity firm Group-IB and the Nigeria Police Force, the principal law enforcement agency in the country. About 50,000 targeted victims of the criminal schemes have been identified so far, as the probe continues to track down other…

2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software

November 26, 2020 shrinath7d

cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication (2FA) protection on an account. The issue, tracked as “SEC-575” and discovered by researchers from Digital Defense, has been remedied by the company in versions 11.92.0.2, 11.90.0.17, and 11.86.0.32 of the software. cPanel and WHM (Web Host Manager) offers a Linux-based control panel for users to handle website and server management, including tasks such as adding sub-domains and performing…

What is Message Authentication Codes?

November 24, 2020November 24, 2020 shrinath7d

What is Message Authentication Codes? – A message authentication code, or MAC, is a construction that detects tampering with messages. Encryption prevents Eve from reading the messages but does not prevent her from manipulating the messages. This is where the MAC comes in. Like encryption, MACs use a secret key, K, known to both Alice and Bob but not to Eve. Alice sends not just the message m, but also a MAC value computed by a MAC function. Bob checks that the MAC value of the message received equals the…