hacking   65180

Fixing the Netflix Volume Slider | Boris' Blog
Intro: A while ago, I joked around with my friend about something we like to call ‘frustration driven development’, which seems to be the most effective method in certain situations. Sometimes the level
mutation  mutationobserver  react  hacking  internals  volume 
2 hours ago by jimthedev
What Mueller’s Latest Indictment Reveals About Russian and U.S. Spycraft
The indictment has a surprising amount of technical information and presents the most detailed and plausible picture of the Russian cyberattacks so far.
Hacking  Geheimdienste 
7 hours ago by longfried
Cyber Security Portrayals in Popular Culture
The business of network security may not be quite as glamorous as Hollywood has made it out to be, but it is still integral to our day-to-day lives!
cybersecurity  hacking 
yesterday by Adventure_Web
Trump Avoids Denouncing Election Meddling, Asks About DNC Server And Clinton Emails | NBC News - YouTube
"Where is the server? I want to know, where is the server? And what is the server saying?"
trump  server  hacking 
yesterday by gohai
Training for manipulating all kinds of things: Using Multi-byte Characters To Nullify SQL Injection Sanitizing
There are a number of hazards that using multiple character sets and multi-byte character sets can expose web applications to. This article will examine the normal method of sanitizing strings in SQL statements, research into multi-byte character sets, and the hazards they can introduce.

SQL Injection and Sanitizing
Web applications sanitize the apostrophe (') character in strings coming from user input being passed to SQL statements using an escape (\) character. The hex code for the escape character is 0x5c. When an attacker puts an apostrophe into a user input, the ' is turned into \' during the sanitizing process. The DBMS does not treat \' as a string delimiter and thusly the attacker (in normal circumstances) is prevented from terminating the string and injecting malicious SQL into the statement.
sql  unicode  databases  hacking 
2 days ago by danwin
Hardcore ChromeOS hacking and updates
Chrome  Hacking 
2 days ago by arnekuilman
The Jeep Hackers Are Back to Prove Car Hacking Can Get Much Worse
Instead of merely compromising one of the so-called electronic control units or ECUs on a target car's CAN network and using it to spoof messages to the car's steering or brakes, they also attacked the ECU that sends legitimate commands to those components, which would otherwise contradict their malicious commands and prevent their attack. By putting that second ECU into "bootrom" mode—the first step in updating the ECU's firmware that a mechanic might use to fix a bug—they were able to paralyze that innocent ECU and send malicious commands to the target component without interference. "You have one computer in the car telling it to do one thing and we’re telling it to do something else," says Miller. "Essentially our solution is to knock the other computer offline."

The result: They're now able to override contradicting signals that tell the parking brake not to activate, for instance, and thus bring the vehicle to a halt from any speed in seconds. And in combination with another vulnerability they found in the steering module ECU, they can disable the steering so that the wheel resists the driver's attempts to turn it. They can also digitally turn the wheel themselves at any speed. When they tested that last attack while driving at 30 miles per hour on an empty road running through cornfields north of St. Louis, Miller and Valasek say they lost control of the Jeep, crashed it into a ditch, and had to wait for a friendly local to tow them out.

Though Miller and Valasek haven't found a new way to perform their attacks remotely, it's not hard to imagine new avenues hackers could find to remotely access the Jeep's CAN network or those of other vehicles. In 2011, researchers at the University of California at San Diego and the University of Washington found ways into a Chevy Impala's innards that included everything from its OnStar connection to a hacked smartphone connected to its infotainment system via Bluetooth to a CD containing a malicious file inserted into its CD player. And last year some of the same UCSD researchers showed that common, Internet-connected insurance dongles plugged into vehicles' dashboards could create the same remote hacking vulnerabilities.
safety  hacking 
2 days ago by campylobacter
The project collects legitimate functions of Unix binaries that can be abused to get the f**k break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks. See the full list of functions.

This was inspired by the LOLBins project for Windows.
linux  pentesting  hacking  security  shell 
2 days ago by whip_lash
