• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

exploit

  1. cageymaru

    The DHS Issues Medical Advisory for Medtronic Cardiac Devices

    The Department of Homeland Security (DHS) has issued a cybersecurity warning that documents vulnerabilities in the Medtronic Conexus Radio Frequency Telemetry Protocol. Medtronic makes cardio-defibrillators that are planted into a patient's chest and can be read and programmed by trained medical...
  2. AlphaAtlas

    Logitech M185 and Other Mice are Vulnerable to Keystroke Injection

    According to a recent post on David Sopas' security blog, the very popular, and very cheap, Logitech M185 is vulnerable to a keystroke injection attack. Using a recent version of the "Bettercap" hacking toolkit and a 2.4ghz USB dongle, the security researcher used the mouse to open a script...
  3. cageymaru

    Apple Fixes Zero-Day Exploits with Release of iOS 12.1.4

    Apple has released iOS 12.1.4 and it fixes two zero-day exploits that had been abused by hackers. According to Google Project Zero team lead, Ben Hawkes, "CVE-2019-7286 and CVE-2019-7287 were exploited in the wild as 0day." CVE-2019-7286 allowed hackers to gain elevated privileges by using a...
  4. cageymaru

    PremiSys IDenticard System Vendor Ignores Security Researcher Findings

    A security researcher from Tenable Research discovered a hardcoded backdoor in the 3.1.190 PremiSys IDenticard system that "allows attackers to add new users to the badge system, modify existing users, delete users, assign permission, and pretty much any other administrative function." Security...
  5. AlphaAtlas

    Fallout 76 Players Glitched Their Way Into a Developer Room

    Eurogamer says that some enterprising Fallout 76 players managed to glitch their way into a "developer room" with high tier and unreleased items. While the exploit is just now going public, Eurogamer's sources say that the exploit has been circulating around Discord servers for several weeks...
  6. cageymaru

    Microsoft Releases Emergency Security Update for Actively Exploited Vulnerability

    Microsoft has released an emergency security update to patch an actively exploited vulnerability in Internet Explorer. CVE-2018-8653 addresses a remote code execution vulnerability caused by the way the scripting engine handles objects in Internet Explorer. The exploit corrupts memory in such as...
  7. cageymaru

    Fallout 76 Perks and Mutations Allow Players to Fly

    TYR on YouTube has created a guide to flying in Fallout 76. The exploit just requires that the player has mutations and perks that are easily found in the game. Fallout 76 - *Flying* Mutation Exploit Tutorial - (No Jetpack Needed) - OP Exploit. Yes... you read that title correct.... G'day guys...
  8. cageymaru

    Intel CPUs Are Vulnerable to New PortSmash Side-Channel Exploit

    PortSmash is a new hardware level side channel exploit that leaks encrypted data from a computer's memory or CPU. Scientists can use multiple ways to record and analyze the data to break encryption algorithms and recover the CPU's data. Researchers from Tampere University of Technology in...
  9. cageymaru

    Android and Google Play Security Rewards Programs Surpass $3 Million in Payouts

    For the past 3 years, Google has been paying top researchers for submitting vulnerability reports about flaws and bugs in the Android ecosystem. Recently the Android Security Rewards (ASR) just exceeded the $3 million mark in rewards to researchers. This year alone 470 qualifying vulnerability...
  10. cageymaru

    NetSpectre: A Remote Spectre Attack Without Attacker-Controlled Code on the Victim

    Remember our coverage of Spectre? Well researchers at the Graz University of Technology have a working model of how to read arbitrary memory over a network called NetSpectre. NetSpectre attacks have been shown to work over LAN and Google Cloud. The computers being attacked do not need to run...
  11. DooKey

    NSA Exploit Leak is the Gift That Keeps on Giving

    The folks from Imperva have found a new cryptomining bug out in the wild that targets database servers and application servers. What's unique about this thing is it's worm-like behavior and creation using NSA exploits that were leaked into the wild. This sucker shouldn't be able to mess with...
  12. FrgMstr

    17 Year Old Zero Day Microsoft Office Flaw Fixed

    When this flaw came about we were still freaking out about Y2K ending the world. Well, Y2K turned out to be about as bad as the new ice age in the 70's. But unlike the new North American Ice Age, Global Warming, Polar Ice Cap Destruction, and Global Warming, Microsoft has actually fixed this...
  13. DooKey

    PS4 Jailbreak Might be Coming Soon

    Specter released a PS4 4.05 kernel exploit to GitHub today and stated it will allow jailbreaking and kernel-level modification to the PS4 system. However, they are not providing code that allows for homebrew or pirating games. With that said, I'm sure others will be more than willing to...
  14. DooKey

    Bad Rabbit Ransomware Uses Leaked 'EternalRomance' NSA Exploit to Spread

    I guess the NSA is the gift that keeps on giving. It appears that the Bad Rabbit ransomware that hit over 200 major organizations this week, primarily in Russia and the Ukraine does indeed use the EternalRomance exploit that leaked out of the NSA. Disable your WMI service to prevent the...
  15. FrgMstr

    Wormable WannaCry Type Vulnerability for Linux & Unix with Samba

    I know we have a lot of HardOCP readers that use Linux systems at home, and if you use the Samba networking utility, now is the time to pay attention. A newly found flaw in widely used networking software leaves tens of thousands of computers potentially vulnerable to an attack similar to that...
  16. Zarathustra[H]

    Wikileaks Exposes CIA Hacking Tools

    Apparently CIA's archive of tools used to compromise targeted systems was recently circulated in an unauthorized manner among former CIA contractors and hackers, one or more of which provided the information to Wikileaks. This leak outlines how CIA has been able to compromise platforms like...
  17. Zarathustra[H]

    To Keep TOR Hack Source Code Secret, DOJ Dismisses Child Pr0n Case

    As we have reported on in the past, the FBI has successfully compromised TOR, the service used to anonymously browse the internet, and access the so-called "dark net." As part of the case against one of the suspects arrested on child pr0n charges in 2015, a Judge ordered the DOJ to disclose the...
  18. Zarathustra[H]

    Another Linux Kernel Vulnerability Leading To Local Root From Unprivileged Processes

    How about that. In a world where Microsoft puts off a patch Tuesday in February with known 0-day exploits in the wild, a new Linux exploit has been discovered, and fixed in Git a week before it was announced giving distribution managers time to patch it in their repositories. You have to...
Back
Top