Trending

Researchers Hacked EV Car Chargers To Execute Arbitrary Code

By CyberMrfu3k
EVs face significant cyber risks due to their reliance on interconnected systems and the increasing number of public charging stations, which often lack robust security measures.  Vulnerabilities in EV software and charging infrastructure can expose vehicles to malware, unauthorized access, and potential control by hackers. During Pwn2Own Automotive 2024 in Tokyo, cybersecurity researchers hacked  EV car chargers  to execute arbitrary code. Researchers Hacked EV Car Chargers At the Pwn2Own Automotive 2024 event, researchers exploited three EV chargers:-  Autel MaxiCharger (MAXI US AC W12-L-4G) ChargePoint Home Flex JuiceBox 40 Smart EV Charging Station  They executed arbitrary code via Bluetooth while focusing on the Autel MaxiCharger, and this uncovered the “CVE-2024-23958,” “CVE-2024-23959,” and “CVE-2024-23967”  vulnerabilities . The features of the charger include WiFi, Ethernet, Bluetooth, 4G LTE, RFID, LCD touchscreen, RS485, and a USB-C port. Its har...
Post a Comment

Top Browsers for Security

By CyberMrfu3k
                       In this cyber world, we would love to feel secured while surfing through internet from all kind of security concerns. To ensure this lets take a look at the secure browsers that needs to be used.
  1. TOR Browser                 
    If you’re looking for a browser that’s thought of everything security-wise, Tor Browser might be the browser for you. The Tor Browser handles your security concerns down to the smallest detail.
                Tor also offers other security measures such as the automatic deletion of your browser history and cookies when you’re finished browsing, the blocking of third-party trackers, and protection that includes three layers of encryption for your web traffic, “as it passes over the Tor network.”
  2.  Epic browser                    
                                                                                                                  Epic is built upon Chromium, the open-source project Google and others maintain. Google uses Chromium to provide the source code for its Chrome browser. Epic takes several steps to increase privacy by decreasing the amount of information the browser spills to the outside world.
    For example, while rivals have manually enabled modes that automatically delete all traces of browsing history — called "Incognito Mode" in Chrome and "Private Browsing" in Firefox — Epic runs only in such a mode. When a user closes Epic, swaths of otherwise-retained data is automatically deleted, including all cookies, all browsing history and all contents of the browser's cache.
  3. SRWare Iron Browser                                                                                                                                     
           The SRWare Iron is an interactive and easy to use freeware web browser. It is an implementation of the Chromium by the Germany firm SRWare. The major usage of this tool is to remove the various usage tracking and even other kind of privacy related functionalities which Google Chrome has got.                                                                                                    
  4. Comodo Dragon Browser                                                                                                                               
  Just like the Epic Privacy Browser, Comodo Dragon is based on the Chromium project. The browser includes all Chrome’s features but provides better security and privacy when browsing the web. So, if you are not a huge fan of Chrome and prefer Mozilla instead, you can choose Comodo Ice Dragon version as your most secure browser.
The main advantage of the browser are:

  • Domain Validation technology that identifies secure SSL certificates;
  • Blocks cookies and other tracking technologies;
  • Stops Browser download tracking.                                                                                                                
   Stay safe and keep exploiting :)                       
   

Comments

Post a Comment

Popular posts from this blog

Ninjutsu OS- Windows based pentesting distribution

By
Image
Ninjutsu Project Hey everyone. Hope you all are doing good. Today I came across a post in Linkedin by Hasan , a Red team Penetration tester. It's as follows I started exploring and came to know about this distribution. A Windows based pentesting distribution!!  Sound exciting right? Within few minutes i ended up downloading the OS (17gb -_- ) Don't forget to visit their official blog and support the developer if you like his work.
Read more

Fog Ransomware

By CyberMrfu3k
Image
‛Fog’ Ransomware Rolls in to Target many Sectors. A new group of hackers is encrypting data in virtual machines, leaving ransom notes, and calling it a day. A new ransomware operation has been performing old-fashioned ransomware attacks, locking up data in virtual environments to earn quick payouts. Attack Vectors • Fog attacks typically begin with stolen virtual private network (VPN) credentials, an increasingly popular means of initial access into sizable organizations. The group has exploited two different VPN gateway vendors thus far, which Arctic Wolf has declined to name. • In one case, for example, Fog passed the hash to compromise administrator accounts in its target’s network. It then used the accounts to establish a remote desktop protocol (RDP) connection with Windows servers running the Hyper-V hypervisor and Veeam data protection software. • Other common Fog tactics, techniques, and procedures (TTPs) include credential stuffing, using native Windows and open-source tools l...
Read more

New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers

By CyberMrfu3k
Image
Security researchers have unveiled new techniques that allow attackers to exfiltrate sensitive data from air-gapped computers, which are systems physically isolated from unsecured networks. Despite air gaps being a strong security measure, these attacks demonstrate that determined adversaries can still find ways to breach such systems. Dr. Mordechai Guri and his team at Ben-Gurion University in Israel have published multiple papers detailing various  covert channels  that can be used to leak data from air-gapped systems. Their latest  research focuses  on exploiting computer components’ electromagnetic, acoustic, thermal, and optical emanations to transmit data to nearby receivers. One attack, dubbed  RAMBO  (Radiation of Air-gapped Memory Bus for Offense), exploits electromagnetic emissions from a computer’s RAM to leak data. Malware can generate controlled radio signals that encode stolen information by manipulating memory access patterns. Using a softwar...
Read more