Posts

Airtel data breach exposes personal data of 32 crore subscribers

What Is Airtel? Bharti Airtel Limited, also known as Airtel, is an Indian global telecommunications services company based in Delhi, India. It operates in 18 countries across South Asia and Africa, and also in the Channel Islands. Airtel provides GSM, 3G, 4G LTE, 4G+ mobile services, fixed line broadband and voice services depending upon the country of operation. It is the third largest mobile network operator in India with over 325.5 million subscribers [Ref: TRAI – Telecom Subscription Data as on 30th September, 2019 – PAGE 14] and the second largest mobile network operator in the world with over 411.42 million subscribers [Ref: Wikipedia]. What Is The Flaw? The flaw existed in one of their APIs that allows you to fetch sensitive user information of any Airtel subscriber. It revealed information like First & Last Name, Gender, Email, Date of Birth, Address, Subscription Information, Device Capability informat...

Wireshark 3.0.7 Released – Fixes for Security Vulnerabilities & Update for BGP, IEEE 802.11, TLS Protocols

Wireshark 3.0.7 has been released with a number of security updates and fixes for several other bugs that reside in Wireshark components. Wireshark also updated protocol support for various protocols such as BGP, HomePlug AV, IEEE 802.11, and TLS. Wireshark 3.0.7 fixed the vulnerability (CVE-2019-19553) that resides in the CMS dissector and affected Wireshark versions 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12. “It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.” Other fixed bugs in Wireshark 3.0.7: ws_pipe_wait_for_pipe() can wait on closed handles. Bug 15696. Support for 11ax in PEEKREMOTE. Bug 15740. The temporary file … could not be opened: Invalid argument. Bug 15751. Reassembling of the two TLS records is not working correctly. Bug 16109. Display Filter Area: Dropdown Missing pkt_comment and tcp.options.sack_perm (like...

OpenBSD - Severe Auth Bypass and Priv-Escalation Vulnerabilities Disclosed

OpenBSD, an open-source operating system built with security in mind, has been found vulnerable to four new high-severity security vulnerabilities, one of which is an old-school type authentication bypass vulnerability in the BSD Auth framework. The other three vulnerabilities are privilege escalation issues that could allow local users or malicious software to gain privileges of an auth group, root, as well as of other users, respectively. The vulnerabilities were discovered and reported by Qualys Research Labs earlier this week, in response to which OpenBSD developers released security patches for OpenBSD 6.5 and OpenBSD 6.6 just yesterday—that's in less than 40 hours. Here's a brief explanation of all four security vulnerabilities in OpenBSD—a free and open-source BSD-based Unix-like operating system—along with their assigned CVE identifiers. OpenBSD Authentication Bypass (CVE-2019-19521): The authentication bypass vulnerability resides in the way OpenBSD's...

Encrypted VPN Connections Hijacked using New Linux Bug

A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. The vulnerability, tracked as CVE-2019-14899, resides in the networking stack of various operating systems and can be exploited against both IPv4 and IPv6 TCP streams. Since the vulnerability does not rely on the VPN technology used, the attack works against widely implemented virtual private network protocols like OpenVPN, WireGuard, IKEv2/IPSec, and more, the researchers confirmed. This vulnerability can be exploited by a network attacker — controlling an access point or connected to the victim's network — just by sending unsolicited network packets to a targeted device and observing replies, even if they are encrypted. As explained by the researchers, though there are variations f...

Facebook Sued Hong Kong Firm for Hacking Users and Ad Fraud Scheme

Following its efforts to take legal action against those misusing its social media platform, Facebook has now filed a new lawsuit against a Hong Kong-based advertising company and two Chinese individuals for allegedly abusing its ad platform to distribute malware and commit ad fraud. Facebook filed the lawsuit on Thursday in the Northern District of California against ILikeAd Media International Company Ltd. as well as a Chinese software developer and a marketing director working for the firm, Chen Xiao Cong and Huang Tao. All three defendants are alleged to have deceived people into installing malware on their systems, enabling them to compromise users' Facebook accounts and then use those hacked accounts to advertise counterfeit goods and diet pills—which is clearly in violation of Facebook's Terms and Advertising Policies. "The suit seeks to hold accountable ILikeAd Media International Company Ltd. and Chen Xiao Cong and Huang Tao for creating the malware, tri...

Weaponized via Word Documents to Steal Users' Credit Card Data, A New Malware Attack Dubbed RevengeHotels

A new malware campaign dubbed “RevengeHotels”, targeting hotels, hostels, hospitality, and tourism companies worldwide, aims to steal credit card data of users and travelers from hotel management systems. The campaign uses email as the main attack vector to deliver malware via weaponized Word, Excel or PDF documents. In some cases, it exploits the patched Remote Code Execution vulnerability CVE-2017-0199 in Microsoft Office or WordPad. Researchers from Kaspersky observed two hacking groups, ProCC and RevengeHotels, targeting the hospitality sector, and they were found to be active since at least 2015. Tactics Used – RevengeHotels: Threat actors register typo-squatting domains impersonating legitimate company names to trick the user into believing the email is from a legitimate source. They send emails with details for booking hotels, and the spear-phishing email is written in the Portuguese language with the malicious file named Reserva Advogados Associados(...

Wide Range of IoT Devices could get Affected due to a super Critical Flaw in GoAhead Web Server

Cybersecurity researchers today uncovered details of two new vulnerabilities in the GoAhead web server software, a tiny application widely embedded in hundreds of millions of Internet-connected smart devices. One of the two vulnerabilities, assigned as CVE-2019-5096, is a critical code execution flaw that can be exploited by attackers to execute malicious code on vulnerable devices and take control over them. The first vulnerability resides in the way multi-part/form-data requests are processed within the base GoAhead web server application, affecting GoAhead Web Server versions v5.0.1, v4.1.1, and v3.6.5. According to the researchers at Cisco Talos, while processing a specially crafted HTTP request, an attacker exploiting the vulnerability can cause a use-after-free condition on the server and corrupt heap structures, leading to code execution attacks. The second vulnerability, assigned as CVE-2019-5097, also resides in the same component of the GoAhead Web Server and can be exp...