Kevin W Clark

845 Flips | 8 Magazines | 22 Likes | 15 Following | 146 Followers | @c3vink | Transhumanist, Technologist, Singularitarian. Dedicated student of digital exploitation, with a focus on penetration testing, forensics & tools.

Motor Mouth: Hacking a car is far easier than you might think

The FBI took the unusual step last week of issuing a public service announcement warning consumers and carmakers alike of “cyber-security threats …

Chinese spies linked to decade-long hacking campaign

China's long-running hacking efforts may be more extensive than first thought. Security researchers at ProtectWise's 401TRG team have determined that …

China

Russians are targeting home routers. Here's how to protect yourself

Hackers are always on the hunt for vulnerable routers. Your router, after all, is your main gateway to the internet. It is an important component in …

Routers

ANDROID WARNING: Terrifying malware can spy on almost EVERYTHING you do on your phone

GOOGLE • GETTYAndroid alert - Malware can spy on virtually everything you're doing<p>Android users are being put on alert about a sophisticated strain …

Level With Me

“The suspects had backpacked the drones to the area in anticipation of the FBI’s arrival. Not only did they buzz the hostage rescue team, they also …

Russia-linked Hackers Exploit Lojack Recovery Tool in Attacks

<b>Recently discovered “Lojack” agents containing malicious command and control (C&C) servers point to the Russian cyber-espionage group Sofacy,</b> …

Cybersecurity

SynAck ransomware implements Doppelgänging evasion technique

SynAck targeted ransomware was seen in the wild using the Doppelgänging technique which was first presented as a proof of concept in December 2017.

Cybersecurity

Why DDoS Just Won't Die

Distributed denial-of-service attacks are getting bigger, badder, and 'blended.' What you can (and can't) do about that.

Millions of Android devices vulnerable to new Stagefright exploit

Security researchers have successfully exploited the Android-based Stagefright bug and remotely hacked a phone, which may leave millions devices …

New “Stagefright” Hack Exposes 275 Million Android Phones

The Israeli security firm NorthBit has demonstrated an exploit that could allow hackers to access data and functions on a wide range of versions of …

FBI Says a Mysterious Hacking Group Has Had Access to US Govt Files for Years

A confidential FBI alert shows that government hackers are still roaming through US government networks.<p>The feds warned that "a group of malicious cyber actors," whom security experts believe to be the government-sponsored hacking group known as APT6, "have compromised and stolen sensitive …

Hackers can track your every call and movement, using just your phone number

Security experts say breaking into a smartphone is easier than you think -- and they've spied on a US Congressman's phone calls to prove it.<p>German computer engineer Karsten Nohl told "60 Minutes" in America that all a hacker needs is a phone number.<p>From there, Nohl says hackers can "track [the …

How a Hacker Found The Personal Information of All Mexican Voters

A security researcher found a Mexican voter registration database of more than 100 gigabytes on Shodan.<p>In the morning of April 14, Chris Vickery, a security researcher, was browsing Shodan, a search engine for internet-connected devices and servers, when he noticed an unusually large database of …

How To: Easily Generate Hundreds of Phishing Domains

A convincing domain name is critical to the success of any phishing attack. With a single Python script, it's possible to find hundreds of available …

Information Security

Advanced Exploitation: How to Find & Write a Buffer Overflow Exploit for a Network Service

While our time with the Protostar VM from Exploit Exercises was lovely, we must move on to bigger things and harder challenges. Exploit Exercises' …

Cybersecurity

OpenSnitch Is a Host-Based Firewall for Linux Desktops

Simone Margaritelli, the VP of Research at Zimperium, has created a Linux port of Little Snitch, a popular macOS firewall application. Named …

PSA: Improperly Secured Linux Servers Targeted with Chaos Backdoor

Hackers are using SSH brute-force attacks to take over Linux systems secured with weak passwords and are deploying a backdoor named Chaos. [...]

Linux: Beep Command Can Be Used to Probe for the Presence of Sensitive Files

A vulnerability in the "beep" package that comes pre-installed with Debian and Ubuntu distros allows an attacker to probe for the presence of files …

Hackers Can Spoof Phone Numbers, Track Users via 4G VoLTE Mobile Technology

A team of researchers from French company P1 Security has detailed a long list of issues with the 4G VoLTE telephony, a protocol that has become …

Hackers Can Hijack over 52,000 Baby Monitor Video Feeds

Vulnerabilities in the Mi-Cam smart baby monitor allow hackers to hijack video feeds from all devices, located anywhere in the world.<p>The …

Firmware Updates Released for Security Camera Dumpster Fire

Firmware updates are available for a wide range of security flaws that are bound to cause a lot of problems on the IoT landscape. [...]

Here's a List of 29 Different Types of USB Attacks

Researchers from the Ben-Gurion University of the Negev in Israel have identified 29 ways in which attackers could use USB devices to compromise …

Ben-Gurion University

CIA Created Toolkit for Hacking Hundreds of Routers Models

After a two-week hiatus, WikiLeaks dumped new files as part of the Vault 7 series that supposedly contains CIA-made hacking tools the organization …

Tracing a hacker

Have you ever been connected to your computer when something strange happens? A CD drive opens on its own, your mouse moves by itself, programs close …

Tutorials

DoubleDoor Botnet Chains Exploits to Bypass Firewalls

Crooks are building a botnet that for the first time is bundling two exploits together in an attempt to bypass enterprise firewalls and infect …

Abusing Linux's firewall: the hack that allowed us to build Spectrum

Today we are introducing Spectrum: a new Cloudflare feature that brings DDoS protection, load balancing, and content acceleration to any TCP-based …

A new approach to security instrumentation

How many of us have ever uttered the following phrase: <i>“I hope this works!”</i>? <br>read more

Deception Technology: Expect a Trickle Down to MSSPs

As deception technology becomes more mature, it's likely that managed security service providers will incorporate a deception offering into their …

Over 65,000 Home Routers Are Proxying Bad Traffic for Botnets, APTs

Botnet operators and cyber-espionage groups (APTs) are abusing the Universal Plug and Play (UPnP) protocol that comes with all modern routers to …

The Pentagon is getting serious about AI weapons

‘We must see to it that we cannot be surprised,’ says the Pentagon’s top scientist<p>Aerospace engineer Mike Griffin says he is taking the threat of drone swarms — including those that could be driven by artificial intelligence — seriously. So is his employer, the US Department of Defense, as are top …