#1337day WP Fast Cache 1.4 CSRF Stored/Reflected XSS Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

#1337day WordPress Plugin Free Counter 1.1 Stored XSS Vulnerability CVE-2015-4084 [webapps #exploits #Vulnerability #0day #Exploit]

Moose Malware Uses Linux Routers For Social Network Fraud

Linux/Moose is sophisticated enough to do DNS hijacks, DDoSes, and deep network penetration...so why is it wasting its time on Instagram?

Beware of the text message that crashes iPhones

There's yet another iOS bug that causes Apple devices to crash when they receive text messages containing a string of special characters. With further finessing, the same exploit may be able to attack Macs, since OS X is also unable to process the same combination of characters, which are technically known as glyphs.

The menacing combination of ASCII and unicode-based characters looks like this:

According to people investigating the bug on reddit, the text causes iPhones running multiple versions of iOS to promptly crash. A flurry of Twitter users, angry that their devices fell victim to text messages, indicates that the bug is causing problems. Apple will almost certainly issue a fix. In the meantime, users can protect themselves against the nuisance text by going to system settings, navigating to Notifications>Messages>Show Previews, and turning it to off.

Read 3 remaining paragraphs | Comments

#1337day Clickheat 1.13+ Remote Command Execution Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

#1337day Sendio ESP Information Disclosure Vulnerability CVE: 2014-0999 [webapps #exploits #Vulnerability #0day #Exploit]

#1337day Apache Jackrabbit WebDAV XXE Exploit CVE: 2015-1833 [webapps #exploits #0day #Exploit]

#1337day WordPress Video Gallery Plugin 2.8 Arbitrary Mail Relay Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

#1337day Wordpess Simple Photo Gallery 1.7.8 Blind SQL Injection Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

#1337day WordPress church_admin Plugin 0.800 Stored XSS Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

What Data Breaches Now Cost And Why

New Ponemon report says the cost of a data breach has increased by 23% and healthcare and education breaches are the most pricey.

Canary box aims to lure hackers into honeypots before they make headlines

South African Security firm Thinkst is hoping to give new life to an old idea—the honeypot—in a bid to help organizations detect security breaches and intruders in their private networks. Thinkst's Canary is a simple network appliance and corresponding online monitoring service that makes it easy to set up juicy-looking targets on the corporate LAN that will sound the alarm if any attempt is made to access them.

One of the consistent features of large hacks, such as the late 2013 Target breach, is that attackers have been able to move around their victims' networks to find systems with interesting or valuable data without being detected. From one point of entry—a compromised Web server, say—the hackers perform what's called "lateral movement;" accessing other systems and computers on the same network, discovering new sets of user credentials to gain further access to their victims, and finding valuable information to steal.

This behavior appears to go undetected, giving the attackers weeks or months to learn about their victims and steal vast quantities of sensitive data. It's this lateral movement that Canary is designed to detect, by presenting the hackers with a juicy target that will ring the alarm bell whenever they access it.

Read 8 remaining paragraphs | Comments

#1337day Unified-Layer Unrestricted File Upload 0day Exploit [remote #exploits #0day #Exploit]

[webapps] – WordPress Plugin Free Counter 1.1 Stored XSS

WordPress Plugin Free Counter 1.1 Stored XSS

Hackers Hit the IRS and Make Off With 100K Taxpayers’ Files

Hackers Hit the IRS and Make Off With 100K Taxpayers’ Files

On Tuesday the IRS admitted that it had been the target of a breach that compromised 100,000 taxpayers' files.

The post Hackers Hit the IRS and Make Off With 100K Taxpayers’ Files appeared first on WIRED.









IRS Breach Exposes 100,000 Taxpayers’ Tax Returns, Other Data

Online 'Get Transcript' service accessed from February to mid-May.

Report: IRS hacked, tax info stolen for 100,000+

According to the Associated Press, the IRS has disclosed a hack where blackhats "used an online service provided by the agency" to access data for more than 100,000 taxpayers.

The IRS issued a statement today saying the compromised system was "Get Transcript." The AP reports thieves were able to bypass the security screen requiring user information such as SSN, date of birth, and street address. The IRS has shut down the service currently, and it claims "Get Transcript" was targeted for more than two months between February and mid-May.

Thus far, neither the AP nor the IRS has detailed exactly what information was obtained by hackers ("tax returns and other tax information on file with the IRS," according to the AP). Precisely how the attackers were able to bypass the necessary login screen has not been revealed at this time either.

Read 1 remaining paragraphs | Comments

#1337day MemHT Portal 4.0.2 Persistent XSS Exploit [webapps #exploits #0day #Exploit]

The Moose is loose: Linux-based worm turns routers into social network bots

A worm that targets cable and DSL modems, home routers, and other embedded computers is turning those devices into a proxy network for launching armies of fraudulent Instagram, Twitter, and Vine accounts as well as fake accounts on other social networks. The new worm can also hijack routers' DNS service to route requests to a malicious server, steal unencrypted social media cookies such as those used by Instagram, and then use those cookies to add "follows" to fraudulent accounts. This allows the worm to spread itself to embedded systems on the local network that use Linux-based operating systems.

The malware, dubbed "Linux/Moose" by Olivier Bilodeau and Thomas Dupuy of the security firm ESET Canada Research, exploits routers open to connections from the Internet via Telnet by performing brute-force login attempts using default or common administrative credentials. Once connected, the worm installs itself on the targeted device.

Moose spreads itself using a file named elan2—"élan" is the French word for moose, Bilodeau and Dupuy explained in their report. Once installed, the malware begins to watch traffic passing through the router for unencrypted cookies from Web browsers and mobile applications, which may be passed to unencrypted sites that leverage social network features:

Read 6 remaining paragraphs | Comments

Is It Possible for Passengers to Hack Commercial Aircraft?

Is It Possible for Passengers to Hack Commercial Aircraft?

Experts insist that what the FBI claims hacker Chris Roberts did on a flight is not possible. We examine why, and what is still unknown.

The post Is It Possible for Passengers to Hack Commercial Aircraft? appeared first on WIRED.









#1337day WordPress Landing Pages 1.8.4 Cross Site Scripting / SQL Injection Vulnerabilities [#0day #Exploit]

#1337day WordPress NewStatPress 0.9.8 Cross Site Scripting / SQL Injection Vulnerabilities [#0day #Exploit]

#1337day WordPress GigPress 2.3.8 SQL Injection Vulnerability CVE-2015-4066 [webapps #exploits #Vulnerability #0day #Exploit]

#1337day WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution Vulnerability [#0day #Exploit]

[webapps] – WordPress Video Gallery Plugin 2.8 Arbitrary Mail Relay

Wordpress Video Gallery Plugin 2.8 Arbitrary Mail Relay

[webapps] – WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution

Wordpress MailChimp Subscribe Forms 1.1 Remote Code Execution

[webapps] – WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities

WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities

[webapps] – WordPress church_admin Plugin 0.800 Stored XSS

Wordpress church_admin Plugin 0.800 Stored XSS

[webapps] – Apache Jackrabbit WebDAV XXE Exploit

Apache Jackrabbit WebDAV XXE Exploit

[webapps] – WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities

WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities

[webapps] – Sendio ESP Information Disclosure Vulnerability

Sendio ESP Information Disclosure Vulnerability

[webapps] – WordPress GigPress Plugin 2.3.8 – SQL Injection

WordPress GigPress Plugin 2.3.8 - SQL Injection

#1337day FTP Media Server 3.0 – Authentication Bypass and Denial of Service Exploit [#0day #Exploit]

Researcher who exploits bug in Starbucks gift cards gets rebuke, not love

A security researcher said he found a way to game Starbucks gift cards to generate unlimited amounts of money on them. Both he and the coffee chain are grumbling after he used a fraudulent card to make a purchase, then repaid the amount and reported the vulnerability.

Egor Homakov of the Sakurity security consultancy found a weakness known as a race condition in the section of the Starbucks website responsible for checking balances and transferring money to gift cards. To test if an exploit would work in the real world, the researcher bought three $5 cards. After a fair amount of experimentation, he managed to transfer the $5 balance from card A to card B, not just once as one would expect, but twice. As a result, Homakov now had a total balance of $20, a net—and fraudulent—gain of $5.

The researcher went on to visit a downtown San Francisco Starbucks location to make sure his attack would actually work. He used the two cards to make a $16.70 cent purchase. He went on to deposit an additional $10 from his credit card "to make sure the US justice system will not put us in jail over $1.70," he explained in a blog post. Here's where hurt feelings—and arguably an overreaction on the part of both parties—entered into the story. Homakov wrote:

Read 5 remaining paragraphs | Comments

#1337day Google Chrome SpeechRecognitionClient Use-After-Free Remote Code Execution Vulnerability [#0day #Exploit]