PRINT
PRINT
SEND MAIL
SEND MAIL

Month: February 2018

bitdefenderCountermeasuresEXPLOIT-COLLECTORgandcrabHome

Bitdefender Releases FREE GandCrab Ransomware Decryption Tool

The latest ransomware kicking everyone’s ass is Gandcrab which has infected an estimated 50,000 computers, fortunately for the victims, Bitdefender has released a free Gandcrab ransomware decryption tool as a part of the No More Ransom Project. There’s nothing particularly notable about the ransomware itself other than it combines two existing exploit kits to compromise people and it takes payment in Dash, which is a privacy coin, rather than Bitcoin (which is a first as far as I know). Read the rest of Bitdefender…

EXPLOIT-COLLECTORHacking ToolsHomequickjacksamy

Quickjack – Advanced Clickjacking & Frame Slicing Attack Tool

Quickjack is an intuitive, point-and-click tool for performing advanced and covert clickjacking and frame slicing attacks. It also allows you to easily perform clickjacking, or steal “clicks” from users on many websites, forcing the user to unknowingly click buttons or links (for example the Facebook Like button) using their own cookies. Quickjack By placing the auto-generated code on any site, you can obtain thousands of clicks quickly from different users, or perform targeted attacks by luring a victim to a specific URL. Read the…

EXPLOIT-COLLECTOR

AsusWRT LAN Unauthenticated Remote Code Execution

The HTTP server in AsusWRT has a flaw where it allows an unauthenticated client to perform a POST in certain cases. This can be combined with another vulnerability in the VPN configuration upload routine that sets NVRAM configuration variables directly from the POST request to enable a special command mode. This command mode can then be abused by sending a UDP packet to infosvr, which is running on port UDP 9999 to directly execute commands as root. This exploit leverages that to start telnetd…