How to Steal Ubuntu & macOS Sudo Passwords Without Any Cracking
With a simple social engineering trick, sudo passwords can be captured in seconds without the target's knowledge. The passwords can then be saved to a file or exfiltrated to another computer on the network. After exploiting a system, penetration tester's and hackers will often begin privilege escalation (privesc) attacks. Such…
How to Scan for Vulnerabilities on Any Website Using Nikto
Before attacking any website, a hacker or penetration tester will first compile a list of target surfaces. After they've used some good recon and found the right places to point their scope at, they'll use a web server scanning tool such as Nikto for hunting down vulnerabilities that could be…
Ad Network Sizmek Probes Account Breach
Online advertising firm Sizmek Inc. [NASDAQ: SZMK] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. In a recent posting to a Russian-language cybercrime forum, an individual who’s…
Some thoughts about Windows Memory Management
Malware analysis and digital forensic analysis are processes that often needs the analyst to look into system memory.In this regard, a good analyst must have at least a base knowledge of Windows Memory Management. In this post I will try to explain mechanisms used to map executable modules into the…
Patch Tuesday, March 2019 Edition
Microsoft on Tuesday pushed out software updates to fix more than five dozen security vulnerabilities in its Windows operating systems, Internet Explorer, Edge, Office and Sharepoint. If you (ab)use Microsoft products, it’s time once again to start thinking about getting your patches on. Malware or bad guys can remotely exploit…
How to Gain SSH Access to Servers by Brute-Forcing Credentials
SSH is one of the most common protocols in use in modern IT infrastructures, and because of this, it can be a valuable attack vector for hackers. One of the most reliable ways to gain SSH access to servers is by brute-forcing credentials. There are a few methods of performing…
Podcast Episode 2: Mikey Veenstra Talks XSS Vulnerability + The Adam Warner Interview
Welcome to Think Like a Hacker, Episode 2. In this episode Mikey Veenstra, a threat analyst at Wordfence, discusses a serious XSS vulnerability in an abandoned cart plugin. We also chat with Adam Warner, a well known figure in the WordPress community. In our interview we chat about Adam’s personal…
Employee resource groups aren’t the answer, but they’re a first step
Why employee resource groups are important for building a great company culture but they're not enough.Diversity and inclusion is a process. To achieve diversity and inclusion, it’s not enough to hire diverse candidates. Once hired, we must be welcomed by a safe and belonging culture, and our diverse perspectives must…
Happy Birthday to the World Wide Web!
Today, March 12th 2019, marks the 30th birthday of the World Wide Web! Cloudflare is helping to celebrate in coordination with the Web Foundation, as part of a 30 hour commemoration of the many ways in which the Web has changed our lives. As we post this blog, Sir Tim…
XSS Vulnerability in Abandoned Cart Plugin Leads To WordPress Site Takeovers
Last month, a stored cross-site scripting (XSS) flaw was patched in version 5.2.0 of the popular WordPress plugin Abandoned Cart Lite For WooCommerce. The plugin, which we’ll be referring to by its slug woocommerce-abandoned-cart, allows the owners of WooCommerce sites to track abandoned shopping carts in order to recover those sales.…
Insert Skimmer + Camera Cover PIN Stealer
Very often the most clever component of your typical ATM skimming attack is the hidden pinhole camera used to record customers entering their PINs. These little video bandits can be hidden 100 different ways, but they’re frequently disguised as ATM security features — such as an extra PIN pad privacy…
An email marketing company left 809 million records exposed online
Enlarge / (GERMANY OUT) Leerstehendes Fabrikgebäude im Bonner Stadtteil Friesdorf. Vernagelte Eingangstüre mit zerschlagenen Scheiben (Photo by JOKER / Karl-Heinz Hick/ullstein bild via Getty Images) (credit: Ullstein Bild | Getty Images) By this point, you've hopefully gotten the message that your personal data can end up exposed in all sorts…
How to Inconspicuously Sniff Wi-Fi Data Packets Using an ESP8266
If you want to get started sniffing Wi-Fi networks, you usually need to start with a wireless network adapter. But thanks to a Wi-Fi sniffing library written in Arduino and the ultra-cheap ESP8266 chip, you might not need one. For less than $10 in electronics, you can build a tiny…
A Node to Workers Story
Node.js allows developers to build web services with JavaScript. However, you're on your own when it comes to registering a domain, setting up DNS, managing the server processes, and setting up builds. There's no reason to manage all these layers on separate platforms. For a site on Cloudflare, these layers…
MyEquifax.com Bypasses Credit Freeze PIN
Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed. Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal, it may…