Showing posts with label Hacker News. Show all posts
Showing posts with label Hacker News. Show all posts

Windows Security Bypass 10 With One Bit

Namaste! Good Morning,

In the last set of patches from Microsoft for February 2015 was closed not only notorious JASBUG , but also the vulnerability CVE-2015-0057 with the same maximum risk rating (total in the February set three critical bug). 


The vulnerability allows for escalation of privileges to gain complete control over a victim's computer and bypass all security mechanisms Windows. The bug is in the GUI-component core - module Win32k.sys. Namely, in the structure information about the scroll bars in windows on the screen.


There is a function xxxEnableWndSBArrows , which determines whether to display a scroll bar or show the scroll bar. This is where the hidden "bug", which is found by static code analysis. At some point freed memory bits, where he kept the flags of states scrollbars. These bits we use (Use After Free). 

At first glance it seems a minor vulnerability. But if it is right unleash a chain, it's in your hands full control of any system from Redmond. Exploit reliably works in all versions of Windows, from Windows XP and up to 10, with all the included security mechanisms. 

The author believes that the attackers will be successfully exploit this vulnerability for a long time.

Hacker Arrested for Leaking Songs From Madonna's New Album Rebel Heart

Namaste! Good Morning,

Police in Israel have arrested a 39 year old man on suspicion of hacking into Madonna's compute and leaking songs from her new album "Rebel Heart".

The hacker was detained by members of the country's crime-fighting unit.

Officers are investigating allegations the suspect "broke into the personal computers of several international artists over the past few months and stole promotional final-cut singles which have yet to be released and traded them online for a fee". 

The Investigation by a security firm traced the breach of Madonna's computer to Israel. Her songs are leaked before its release date. 

"I'm profoundly grateful to the FBI, the Israeli Police investigators and anyone else who helped lead to the arrest of this hacker," Madonna, above, said in a statement.  

"Like any citizen, I have the right to privacy. This invasion into my life - creatively, professionally, and personally - remains a deeply devastating and hurtful experience, as it must be for all artists who are victims of this type of crime."

Hacking into Stars Personal Computers and into getting into their Account and stealing important data is getting easier these days. Seeing the rate of hacking into this personalities it seems that either the stars are not that good with protecting their own stuff of the hackers are becoming smarter day by day. 

Hamza Bendelladj | A Suspect On The US FBI's Top Ten Most Wanted List Arrested

Namaste! Good Morning,

Hamza Bendelladj ,24 A suspect on the US Federal Bureau of Investigation's top 10 wanted list for allegedly making millions from cybercrime. Hamza Bendelladjis arrested for hacking private accounts in 217 banks and financial companies worldwide, in Bangkok by the local police .

"Bendelladj is a graduate in computer science from a collage in Algeria . He has hacked private accounts in 217 banks and financial companies worldwide , amassing 'huge amount' in illicit earning." The Police Commissioner Phanu Kerdlabpol said .


"With just one transaction he could earn 10 to 20 million dollars." Phanu said."He's been travelling the world flying first class and living a life of luxury." A satellite phone and laptop were his main tools". Phanu added.

Thailand will seek to extradite Bendelladj to the US state of georgia, where a court has issued a warrent for his arrest . Smiling Bendelladj, who was present at the press conference, denied that he was on the FBI's top ten wanted list . Bendelladj also added "I'm not in the top 10 , maybe just 20th or 50th," with a laugh ."I am not a terrorist."

[Update]