The hubris of corporate security professionals and arrogance of white hat hackers has always been mocked by real hackers. School and certification training will teach you everything you need to know about hacking, security, defense and how the “script kiddies” operate. There is such a disconnect between the real hacking world and the security community… Read More »
In the USA, under the DCMA, it’s legal to root your smartphone. However, rooting a tablet is illegal. This exemption grant came around 2012. In 2016, the overall picture is still unclear. Jailbreaking a phone and “rooting” the phone are not exactly the same thing, however to the common smartphone user who wishes to accomplish… Read More »
FIREBALL Adware or Malware? The malware, called Fireball, acts as a browser-hijacker but and can be turned into a full-functioning malware downloader. Fireball is capable of executing any code on the victim machines, resulting in a wide range of actions from stealing credentials to dropping additional malware. Fireball is spread mostly via bundling i.e. installed… Read More »
A question I am frequently asked about is what is the difference between adware (legal software that will however overload you with ads and make money) vs. malware (crimeware to be specific). Typically there is a fine line between the two, a good example of a successful adware company is that of OpinionSpy/Marketscore which bundles… Read More »
E-Commerce PHP Shopping Cart Script osCommerce 2.3.4.1 – Arbitrary File Upload Vulnerability Exploit Code # Exploit Title: osCommerce 2.3.4.1 Authenticated Arbitrary File Upload # Date: 11.11.2017 # Exploit Author: Simon Scannell – https://scannell-infosec.net <contact@scannell-infosec.net> # Vendor Homepage: https://www.oscommerce.com/ # Software Link: https://www.oscommerce.com/Products&Download=oscom234 # Version: 2.3.4.1, 2.3.4 – Other versions have not… Read More »