Posts

Showing posts from May, 2020

Trending

Researchers Hacked EV Car Chargers To Execute Arbitrary Code

By CyberMrfu3k -
EVs face significant cyber risks due to their reliance on interconnected systems and the increasing number of public charging stations, which often lack robust security measures.  Vulnerabilities in EV software and charging infrastructure can expose vehicles to malware, unauthorized access, and potential control by hackers. During Pwn2Own Automotive 2024 in Tokyo, cybersecurity researchers hacked  EV car chargers  to execute arbitrary code. Researchers Hacked EV Car Chargers At the Pwn2Own Automotive 2024 event, researchers exploited three EV chargers:-  Autel MaxiCharger (MAXI US AC W12-L-4G) ChargePoint Home Flex JuiceBox 40 Smart EV Charging Station  They executed arbitrary code via Bluetooth while focusing on the Autel MaxiCharger, and this uncovered the “CVE-2024-23958,” “CVE-2024-23959,” and “CVE-2024-23967”  vulnerabilities . The features of the charger include WiFi, Ethernet, Bluetooth, 4G LTE, RFID, LCD touchscreen, RS485, and a USB-C port. Its har...
Post a Comment
Read more

Build Your own Rar Password Cracker !!

By -
Image
                Everyone gets tired of recovering their old password protected rar archive. So how about we build our own password cracker batch file. Sounds interesting ? Lets have fun then Note : It only cracks numeric password 1) Copy the code in a txt file: @echo off color 0a title Rar Password Cracker (Numeric) mode con: cols=60 lines=30 SET PSWD=0 SET DEST=%TEMP%\%RANDOM% MD %DEST% :RAR cls echo ---------------------------------------------- echo               Enter the details echo ---------------------------------------------- echo. SET/P "UNRAR_PATH=Enter Full Path of Unrar.exe (Don't include unrar.exe) :" SET/P "PATH=Enter Full Path of the file (Don't include the File Name) : " IF "%PATH%"=="" goto PERROR cd %PATH% SET/P "NAME=Enter File Name (Including the format extension) : " IF "%NAME%"=="" goto NERROR goto NEXT :NERROR echo ------...
Post a Comment
Read more

Ongoing project- PDF to Braille converter

By -
Image
One of our ongoing projects, PDF to Braille converter is almost at the end of development. The main goal of the project is to convert E- books in the format of PDFs to braille text, so that visually challenged people can enjoy the pleasure of reading books to its fullest. The program is based on Python and ensures that anyone can convert any books in PDF format with its simple GUI. So far the program can convert the PDFs to braille in DOC format excluding images and other formatting styles. Feel free to comment if you need any other features that needs to be included in the program or contact us to contribute to the project. Subscribe to our mail list and get notified when the project is completed. Keep exploiting :)
Post a Comment
Read more

Hackers Compromise T-Mobile Employee' Email Accounts and Steal User' Data

By CyberMrfu3k -
Image
If you are a T-Mobile customer, this news may concern you. US-based telecom giant T-Mobile has suffered yet another data breach incident that recently exposed personal and accounts information of both its employees and customers to unknown hackers. What happened? In a breach notification posted on its website, T-Mobile today said its cybersecurity team recently discovered a sophisticated cyberattack against the email accounts of some of its employees that resulted in unauthorized access to the sensitive information contained in it, including details for its customers and other employees. Although the telecom company did not disclose how the breach happened, when it happened, and exactly how many employees and users were affected, it did confirm that the leaked information on its users doesn't contain financial information like credit card and Social Security numbers. What type of information was accessed? The exposed data of an undisclosed number of affected...
Post a Comment
Read more

7 Most Famous Social Engineering Attacks In History, Be Prepared

By CyberMrfu3k -
Image
Social engineering, in the context of IT, often refers to the manipulation of people to perform actions or give up confidential information.   As long as there has been any proprietary or private information, bad actors have been attempting to steal it. Recently, with the acceleration of technology and the accessibility to the internet, hackers have refocused their strategy. Where, in the past, an assailant would be required to be physically in the room to breach a system, now a simple email is all that is necessary. The goal of such an attack is to extract information, commit fraud, or gain system access by tricking an unsuspecting user by gaining their confidence. Naturally, as technology becomes more widely adopted, there has been an uptick in such attacks. Social engineering attacks are worth keeping an eye on. At the very least, to monitor your company’s vulnerabilities. The Sony Pictures Hack    ...
Post a Comment
Read more

British Airline EasyJet Suffers Data Breach Exposing 9 Million Customers' Data

By CyberMrfu3k -
Image
British low-cost airline EasyJet today admitted that the company has fallen victim to a cyber-attack, which it labeled "highly sophisticated," exposing email addresses and travel details of around 9 million of its customers. In an official statement released today, EasyJet confirmed that of the 9 million affected users, a small subset of customers, i.e., 2,208 customers, have also had their credit card details stolen, though no passport details were accessed. The airline did not disclose precisely how the breach happened, when it happened, when the company discovered it, how the sophisticated attackers unauthorizedly managed to gain access to the private information of its customers, and for how long they had that access to the airline's systems. However, EasyJet assured its users that the company had closed off the unauthorized access following the discovery and that it found "no evidence that any personal information of any nature has...
Post a Comment
Read more

Ninjutsu OS- Windows based pentesting distribution

By -
Image
Ninjutsu Project Hey everyone. Hope you all are doing good. Today I came across a post in Linkedin by Hasan , a Red team Penetration tester. It's as follows I started exploring and came to know about this distribution. A Windows based pentesting distribution!!  Sound exciting right? Within few minutes i ended up downloading the OS (17gb -_- ) Don't forget to visit their official blog and support the developer if you like his work.
5 comments
Read more

Top Browsers for Security

By -
Image
                       In this cyber world, we would love to feel secured while surfing through internet from all kind of security concerns. To ensure this lets take a look at the secure browsers that needs to be used. TOR Browser                    If you’re looking for a browser that’s thought of everything security-wise, Tor Browser might be the browser for you. The Tor Browser handles your security concerns down to the smallest detail.             Tor also offers other security measures such as the automatic deletion of your browser history and cookies when you’re finished browsing, the blocking of third-party trackers, and protection that includes three layers of encryption for your web traffic, “as it passes over the Tor network.”   Cont...
Post a Comment
Read more

Remove your phone number from TrueCaller

By -
Image
TrueCaller, the vigilant             Almost every android user uses the app TrueCaller. It's really useful to identify some of the spammers, but its normal to worry about your privacy. Even if you don't use the app, truecaller might have your details as it collects contact details from users. So why don't we just remove the phone number from truecaller database? Continue .....
Post a Comment
Read more

ILOVEYOU – 20 years ago – to the day!

By CyberMrfu3k -
Image
                I LOVE YOU is always more than just a phrase right? Well, two decades ago on May 4, it made a catastrophe in the form of worm that’s worth remembering Continue ............
Post a Comment
Read more

Popular posts from this blog

Ninjutsu OS- Windows based pentesting distribution

By -
Image
Ninjutsu Project Hey everyone. Hope you all are doing good. Today I came across a post in Linkedin by Hasan , a Red team Penetration tester. It's as follows I started exploring and came to know about this distribution. A Windows based pentesting distribution!!  Sound exciting right? Within few minutes i ended up downloading the OS (17gb -_- ) Don't forget to visit their official blog and support the developer if you like his work.
Read more

Fog Ransomware

By CyberMrfu3k -
Image
‛Fog’ Ransomware Rolls in to Target many Sectors. A new group of hackers is encrypting data in virtual machines, leaving ransom notes, and calling it a day. A new ransomware operation has been performing old-fashioned ransomware attacks, locking up data in virtual environments to earn quick payouts. Attack Vectors • Fog attacks typically begin with stolen virtual private network (VPN) credentials, an increasingly popular means of initial access into sizable organizations. The group has exploited two different VPN gateway vendors thus far, which Arctic Wolf has declined to name. • In one case, for example, Fog passed the hash to compromise administrator accounts in its target’s network. It then used the accounts to establish a remote desktop protocol (RDP) connection with Windows servers running the Hyper-V hypervisor and Veeam data protection software. • Other common Fog tactics, techniques, and procedures (TTPs) include credential stuffing, using native Windows and open-source tools l...
Read more

New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers

By CyberMrfu3k -
Image
Security researchers have unveiled new techniques that allow attackers to exfiltrate sensitive data from air-gapped computers, which are systems physically isolated from unsecured networks. Despite air gaps being a strong security measure, these attacks demonstrate that determined adversaries can still find ways to breach such systems. Dr. Mordechai Guri and his team at Ben-Gurion University in Israel have published multiple papers detailing various  covert channels  that can be used to leak data from air-gapped systems. Their latest  research focuses  on exploiting computer components’ electromagnetic, acoustic, thermal, and optical emanations to transmit data to nearby receivers. One attack, dubbed  RAMBO  (Radiation of Air-gapped Memory Bus for Offense), exploits electromagnetic emissions from a computer’s RAM to leak data. Malware can generate controlled radio signals that encode stolen information by manipulating memory access patterns. Using a softwar...
Read more