Ehacking Tutorial

Over 12 Million Routers are Exposed to Critical hijacking Hack

More than 12 million routers in homes and small offices are vulnerable to attacks that allow hackers anywhere in the world to monitor user traffic and take administrative control over the devices, researchers said.

Source: thehackernews

The vulnerability resides in "RomPager" software, embedded into the residential gateway devices, made by a company known as AllegroSoft. Versions of RomPager prior to 4.34 contain a critical bug that allows attackers to send simple HTTP cookie files that corrupt device memory and hand over administrative control. Attackers can use that control to read plaintext traffic traveling over the device and possibly take other actions, including changing sensitive DNS settings and monitoring or controling Web cams, computers, or other connected devices. Researchers from Check Point's malware and vulnerability group have dubbed the bug Misfortune Cookie, because it allows hackers to determine the "fortune" of an HTTP request by manipulating cookies. They wrote:

Sony Cancels The Interview's Release after Threats from Hackers

Sony Pictures' "The Interview," a comedy about assassinating North Korea's leader, may be the most talked-about movie of the season. But chances are, you won't be able to see it.

Sony said in a statement Wednesday that it is canceling release of the film, following a series of threats made over the past few weeks, including promise of an attack on theaters screening the film. Meanwhile, The Wall Street Journal and New York Times, citing unnamed officials aware of the investigation, reported the US government has evidence North Korea is behind the attack.

How to Evade getting Hacked during Online Shopping

Avoiding long lines and cranky crowds are just two of the benefits of online shopping. But getting hacked while buying a toy playset from the hit movie "Frozen" through an online seller is a real shopping risk, too.

It may seem that protecting yourself from hackers is impossible, given that it's been a banner year for identity theft. In 2014, hackers stole tens of millions of email addresses and credit card numbers from US retailer Home Depot and bank JPMorgan and got into Apple's iCloud service through a password breach, which exposed explicit, personal photos from around two dozen celebrities including actress Jennifer Lawrence.

100’s of Thousands Wordpress Sites infected with Dangerous Malware

About 100,000 or more websites running the WordPress content management system have been compromised by mysterious malware that turns the infected sites into attack platforms that can target visitors, security researchers said.

source sucuri

The campaign has prompted Google to flag more than 11,000 domains as malicious, but many more sites have been detected as compromised, according to a blog post published Sunday by Sucuri, a firm that helps website operators secure their servers. Researchers have yet to confirm the cause of the infection, but they suspect it's related to a vulnerability in Slider Revolution, a WordPress plugin, that was disclosed in early September.

Oryon C Portable - Open Source Intelligence Framework

Open source intelligence is the process-oriented terminology that simply means to collect information from publicly available sources. OSINT (Open source intelligence) is viable to gather information about the target from the sources that can be easily accessible, but the actual art is to turn the gather data into meaningful information. Consider an example, where you have a deadly weapon but you don't how to and when to use it, then this important weapon is useless for you; same is the case with the information which is available but you have to turn it into a weapon against your target.

There are many tools and techniques to collect and organize the information and Oryon C Portable is one of them.

Oryon C Portable

Oryon C Portable is a web browser designed to assist researchers in conducting Open Source Intelligence investigations. Oryon comes with dozens of pre-installed tools and a select set of links cataloged by category – including those that can be found in the OI Shared Resources.

Your data is open to Hackers when sending from SmartPhone to SmartWatch

The growing number of smart devices that interoperates with smartphones could leave text messages, calendar entries, biometric data, and other sensitive user information wide open to hackers, security researchers warn.

That's because most smart watches rely on a six-digit PIN to secure information traveling to and from connected Android smartphones. With only one million possible keys securing the Bluetooth connection between the handset and the smart device, the PINs are susceptible to brute-force attacks, in which a nearby hacker attempts every possible combination until finding the right one.