Security: Apple, OpenVPN, Old Drupal Bugs and More
-
Apple iOS "Erase data" bypass attack
On IOS 12 you can only use this attack within the first hour, prior to IOS12 works great on IOS11 devices - use with rebirth to deploy an implant. More information, hacker.house
-
A hacker figured out how to brute force iPhone passcodes
A security researcher has figured out how to brute force a passcode on any up-to-date iPhone or iPad, bypassing the software's security mechanisms.
Since iOS 8 rolled out in 2014, all iPhones and iPads have come with device encryption. Often protected by a four- or six-digit passcode, a hardware and software combination has made it nearly impossible to break into an iPhone or iPad without cooperation from the device owner.
And if the wrong passcode is entered too many times, the device gets wiped.
But Matthew Hickey, a security researcher and co-founder of cybersecurity firm Hacker House, found a way to bypass the 10-time limit and enter as many codes as he wants -- even on iOS 11.3.
-
iPhone Brute Force Hack: Researcher Finds How To Bypass iPhone’s Passcode Limit
Over the past years, Apple has been playing cat and mouse with the security researchers and hackers who keep trying to develop new ways to bypass the security of iPhone. Earlier this year, a new challenge came up in the form of an iPhone unlocking device named GrayKey being used by law enforcement agencies.
-
Reverse Shell from an OpenVPN Configuration File
Basically, the up command will execute any binary of script you point it to . If the victim is using a version of Bash that supports /dev/tcp then getting a reverse shell is trivial. The following ovpn file will background a reverse shell to 192.168.1.218:8181.
-
Three-month-old Drupal vulnerability is being used to deploy cryptojacking malware
Attackers are exploiting a three-month-old critical vulnerability in Drupal to compromise systems and secretly turn them into malicious cryptocurrency mining machines.
Drupal's content management software is a popular tool for building websites, but this popularity, combined with the critical vulnerability (dubbed 'Drupalgeddon 2' by some), means that attackers have found a way to make a profit.
-
Monero-mining Drupal malware targets network systems [Ed: Somewhat misleading headline. This targets sites that have not been patched for over 3 months.]
-
Beware! Fake Fortnite APKs Having Malware Making Rounds on Internet
-
Attacking Private Networks from the Internet with DNS Rebinding
-
Hardened Azure, softened containers, force unlocking iOS 12, 11 iPhones – and more
- Login or register to post comments
- Printer-friendly version
- 3219 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago