#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Metasploit | Breaking Cybersecurity News | The Hacker News

Category — Metasploit
CTF365 Capture The Flag - The Next Generation IT Security Training Platform

CTF365 Capture The Flag - The Next Generation IT Security Training Platform

Nov 11, 2013
For years, the Capture the Flag platform has been a common and very popular part of the hacker convention scene. Teams come from all over the world to show their skill and technique in various competitions. The CTF365 team took that interest, passion and excitement and went to a new level in their platform. That original capture the flag environment is now available to anyone from the safety and comfort of their own home. Not only is the original and fun capture the flag platform available, but the CTF365 team is bringing in red verses blue competitions, as well as an entire exploitable virtual world! While still in alpha, the development team is working tirelessly to bring a brand new approach to an original favorite to the hacker and information security community. What is CTF365? CTF365 is a revolution in the world of capture the flag, simulated attacks and Information security as a whole. Capture the flag is always a fan favorite at hacker conventions, online and
Metasploit website Hacked just by sending a spoofed DNS change request via Fax to Domain Registrar

Metasploit website Hacked just by sending a spoofed DNS change request via Fax to Domain Registrar

Oct 11, 2013
A group of Pro-Palestine hackers ' KDMS Team ' today has been able to hijack the Metasploit website simply by sending a fax and hijacked their DNS records. Rapid7 is a leading Security Company and Creator of world's best penetration testing software called ' Metasploit '. The company confirmed via Twitter that Metasploit.com was hacked via a spoofed DNS change request sent via fax to its registrar, Register.com . The group came to prominence earlier this week when it managed to hijack the websites of popular messaging service WhatsApp and anti-virus company AVG among others. On the website, the hacker posted " Hello Metasploit.  After Whatsapp , Avira, Alexa , AVG and other sites. We were thinking about quitting hacking and disappear again! But we said: there is some sites must be hacked. You are one of our targets. Therefore we are here. And there is another thing do you know Palestine? " Rapid7 official statement regarding the in
How to Get Going with CTEM When You Don't Know Where to Start

Want To Excel in Cybersecurity Risk Management?

Georgetown UniversityWebinar / Risk Management
Manage cybersecurity risk with a Georgetown master's degree. Learn more in our Oct. 23 webinar.
Apple Mac OS X Vulnerability enables Root User to Hackers by resetting the clock

Apple Mac OS X Vulnerability enables Root User to Hackers by resetting the clock

Aug 30, 2013
Do you think, because you're using an Apple Mac , your data is safe from hackers ? Well, it is not true, there are dozens of security weaknesses and today Researchers have made it easier to exploit Apple Mac OS X, that allows penetration testers and hackers to gain root access. The flaw remained unmatched by Apple for the last five months, dubbed CVE-2013-1775 , the flaw allowed attackers to bypass normal password authentication procedures by resetting the computer clock to January 1, 1970. The reason that specific date is required is because it represents the beginning of time to the operating system and some applications that run on it. When the SUDO command is used in combination with a clock reset, the computer can be tracked into providing root access without a password. Metasploit authors have come up with a brand new module that makes the bug even easier to exploit , renewing interest in the problem. The module gains a session with root permissions as long as the use
cyber security

Master the Art of AI-powered Cybersecurity

websiteNVIDIAArtificial Intelligence / Cybersecurity
Learn to build and manage advanced AI workflows that safeguard data against emerging threats, enhancing your ability to detect and respond to potential security breaches with this free course.
Microsoft to patch Six critical Remote Code Execution vulnerabilities this Tuesday

Microsoft to patch Six critical Remote Code Execution vulnerabilities this Tuesday

Jul 07, 2013
Microsoft has announced   Patch Tuesday for this July Month, with seven bulletins. Out of that, one is important kernel privilege escalation flaw and six critical Remote Code Execution vulnerabilities . Patch will address vulnerabilities in Microsoft Windows, .Net Framework, Silverlight and will apply to all versions of Internet Explorer from IE6 on Windows XP to IE10 on Windows 8 . Often targeted by attackers to perform drive-by malware download attacks, remote code execution flaws allow an attacker to crash an application and launch malware payloads often without any sort of notification or interaction form the user. The Windows 8 maker is also patching a kernel vulnerability disclosed at the beginning of June by Google researcher Tavis Ormandy . The issue is to do with Windows kernel's EPATHOBJ::pprFlattenRec function (CVE-2013-3660) and after Ormandy released the exploit code, Metasploit module was developed to exploit the bug. The company is planning to release the updat
Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

May 02, 2013
Early 2012 ESET company a mysterious malware, dubbed the Avatar rootkit (Win32/Rootkit.Avatar), advertised in the underground forums by Russian cyber crime . " We present you here previously announced product. In connection with work on other projects, we moved the release date for the public from May to February 2013th 2012go.Now nuclear rootkit AVATAR is available for rental. " Despite the malware was described months ago it was not found and published until now, in March ESET researchers detected two droppers with different C&C servers and having different compilation time stamps as showed in the following pictures: The Avatar rootkit appears very sophisticated, it uses two different infection techniques, the first in the dropper so as to bypass detections by HIPS, and the second one in the rootkit driver to allow the malware to be alive after system reboot, the instance detected works only on x86 systems. The 2 level dropper for Avatar rootkit works in conjunct
Update : Backtrack Kali Linux 1.0.3 released with built-in accessibility features

Update : Backtrack Kali Linux 1.0.3 released with built-in accessibility features

Apr 26, 2013
BackTrack Linux, a specialized distribution of penetration testing tools, has long been a favorite of security specialists and IT pros. Security professionals have been relying on the BackTrack security distribution for many years to help them perform their assessments. A couple of weeks ago, futuristic major release of BackTrack was announced as   Kali Linux . Today Backtrack team released few updates to Kali Linux as version 1.0.3 and fixed couple of bugs. " Our first attempts at building an accessible version of Kali failed and after a bit of digging, we found that there were several upstream GNOME Display Manager (GDM3) bugs in Debian, which prevented these accessibility features from functioning with the GDM greeter. Working together with an upstream GNOME developer, we knocked out these bugs and had the fixes implemeted in Kali, and hopefully in future builds of GDM3 in Debian ." Download  new version of Kali Linux ( kali-linux-1.0.3-i386.iso ) wi
Distributed Red Team Operations with Cobalt Strike

Distributed Red Team Operations with Cobalt Strike

Feb 12, 2013
What if you could easily host malicious websites, send phishing emails, and manage compromised hosts across diverse internet addresses? This week's Cobalt Strike adds the ability to manage multiple attack servers at once. Here's how it works: When you connect to two or more servers, Cobalt Strike will show a switch bar with buttons for each server at the bottom of your window. Click a button to make that server active. It's a lot like using tabs to switch between pages in a web browser. To make use of multiple servers, designate a role for each one. Assign names to each server's button to easily remember its role. Dumbly connecting to multiple servers isn't very exciting. The fun comes when you seamlessly use Cobalt Strike features between servers. For example: Designate one server for phishing and another for reconnaissance. Go to the reconnaissance server, setup the system profiler website. Use the phishing tool to deliver the reconnaissance website through
Exploit Packs updated with New Java Zero-Day vulnerability

Exploit Packs updated with New Java Zero-Day vulnerability

Jan 10, 2013
A new Java 0-day vulnerability has been discovered, already wind in use by an exploit pack, taking advantage of a fresh zero-day vulnerability in Java and potentially letting hackers take over users' machines. Java 7 Update 10 and earlier contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The flaw was first spotted by 'Malware Don't Need Coffee' blog . This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits. This exploit is already available in two Exploit Packs, that is available for $700 a quarter or $1,500 for a year. Similar tactics were used in CVE-2012-4681 , which was discovered last August. Source of this new Exploit available to download Here . The two most popular exploits packs used by hackers to distribute malware, the BlackHole Exploit Kit and the Cool Exploit Kit already having this latest Java Zero-Day exploit. Blackhole ki
Review : Hacking S3crets - beginners guide to practical hacking

Review : Hacking S3crets - beginners guide to practical hacking

Dec 08, 2012
Most of People are curious to become Hackers, but they do not know where to start, If you are in the same situation, then " Hacking S3crets " Book will guide you through the basic and advanced steps of Hacking and will help you develop The Hacker Attitude. Author Sai Satish, and Co-Author K. Srinivasa rao with Aditya Gupta put together Ethical hacking with examples of live websites. Contents of the Book 1. Basic Hacking 2. email-Hacking 3. Google Hacking 4. Websites and databases Hacking 5. Windows Passwords Cracking in seconds 6. Backtrack 7. Metasploit 8. Wireless Cracking 9. Mobile Hacking To get reviews, we distribute book to few readers share the feedback after reading this book , as given below: Review from Nikhil Kulkarni An awesome book to start off with if you are interested in hacking. It unwraps various methods and techniques performed by hackers today. Being into security field from past 4 years, I've never read such
CTF365 – Capture The Flag – Next Generation

CTF365 – Capture The Flag – Next Generation

Nov 19, 2012
Prepare your tools, build your team, defend your country and conquer the World. It is well known that the best way to learn security is hands on. It's the kind of experience you earn in pentest labs or CTF competitions based on challenges or defensive and offensive security and it's aimed at improving your security skills. Every important Information Security conference has a CTF competition, the most prestigious universities host CTF competitions and major companies organize CTFs now and then. Just take a look at Stripe or Mozilla. CTF is everywhere and not just in the InfoSec Industry. The World is changing rapidly, and so is the InfoSec industry along with CTFs. It looks like CTF365 took this task seriously and they promise a brand new approach to CTF competitions that will change everything we know about those competitions. Is not a challenge nor scenario based game. They simply promise to build and internet within The Internet and replicate everything that ex
Zero-Day Exploit released for Vulnerability in Novell ZENworks

Zero-Day Exploit released for Vulnerability in Novell ZENworks

Oct 19, 2012
Rapid7 researcher Juan Vazquez recently uncovered a zero-day security flaw in Novell ZENworks Asset Management 7.5. This Vulnerability ( CVE-2012-4933 ) gives access to any files with system privileges and could also allow an attacker to grab configuration parameters, including the backend credentials in clear text. ZENworks Asset Management provides a Web Console, where the user can access the data collected about network devices and edit some information. This web interface provides some maintenance calls, two of them accessible with hardcoded credentials, allowing a remote attacker to retrieve any file from the remote file system with SYSTEM privileges and to get configuration parameters from the ZENworks Asset Management including the backend credentials in clear text. The vulnerability currently remains unpatched and US CERT recommends that users implement firewall rules that will restrict access to the web interface by unauthorised users. Read here , more about e
New Internet Explorer zero-day, Can trigger malware automatically

New Internet Explorer zero-day, Can trigger malware automatically

Oct 15, 2012
The new zero day exploit has been discovered and being exploited in the wild. This can be used to load malicious application on victim machines running fully patched Windows XP SP3 along with the latest editions of the IE 7 and IE 8 browser and Adobe's Flash software. Eric Romang  was  examining one of the servers used to launch attacks on vulnerable Java installations in past, and he says that he has found a new zero day exploit for Microsoft's Internet Explorer web browser. He said, " I can confirm, the zero-day season is really not over yet ." AlienVault Labs researcher Jaime Blasco reported that, " the gang behind the Java attacks in August and September may be moving on: with domains used in that attack located at new IP addresses and serving up the new and more potent attacks ." As shown in above image example, the file exploit.html creates the initial vector to exploit the vulnerability and loads the flash file Moh2010.swf, which 
Unpatched Flaw in IE Bypasses Key Windows Security Features

Unpatched Flaw in IE Bypasses Key Windows Security Features

Dec 23, 2010
An exploit exploiting an unpatched vulnerability in Internet Explorer (IE) has gone public. Security researcher Shahin Ramezany announced in a Tuesday tweet that he successfully exploited the flaw, which involves how IE handles CSS style sheets on Windows 7 and Vista machines. Offensive Security, a provider of security tools and training, posted a video demonstrating the code execution on Monday. On Wednesday, the exploit code was added to the open-source Metasploit hacking toolkit. This flaw can bypass two built-in Windows security features: Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), according to Ramezany. Microsoft has not yet confirmed the vulnerability. "We're currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," said Dave Forstrom, director of trustworthy computing at Microsoft, in an email to SCMagazineUS.com on Wednesday. "Once we're done investigating, we will take appropriat
Cybersecurity
Expert Insights / Articles Videos
Cybersecurity Resources