Počítačový útok (631)  - Úvod  Databáze 

Android  APT  ATM  Bot  BigBrother  Bluetooth  BotNet  Bugy  Cloud  Creck  Exploit  Fingerpriting  Goog. Hack  Hacker  Hardware  ICS  Incidenty  iOS  IoT  Krimi  Teror  Linux  Mac  Mobil  Outsourcing  Open Source  Phishing  Rootkit  Ransom  RFID  Soc.inžen.  Sociální sítě  Spam  Steganografie  Šifrování  Tor  TV  Útoky  Viry  Virtualizace  WiFi  Zranitelnosti

 

Datum

Název

Typ

Info

4.10.2018

Cold boot attack

Hardware/cryptographic In cryptography, a cold boot attack (or to a lesser extent, a platform reset attack) is a type of side channel attack in which an attacker with physical access to a computer is able to retrieve encryption keys from a running operating system after using a cold reboot to restart the machine.The attack relies on the data remanence property of DRAM and SRAM to retrieve memory contents that remain readable in the seconds to minutes after power has been removed.
28.9.2018OpenSSH Plaintext
Recovery Attack
Communicationo, somebody pointed this out to me the other day: http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt which talks about the probability of recovering some plain text from an ssh session. Having seen nothing at all from OpenSSH about this, my first reaction was "OH NO!" because it looked like they had released information without patches or a fix being available, then I looked a little closer at what was actually being talked about here.
27.9.2018FormjackingWebWhen a customer of an e-commerce site clicks “submit” or its equivalent after entering their details into a website’s payment form, malicious JavaScript code that has been injected there by the cyber criminals collects all entered information, such as payment card details and the user’s name and address. This information is then sent to the attacker’s servers. Attackers can then use this information to perform payment card fraud or sell these details to other criminals on the dark web.
21.8.2018Man-in-the-DiskAndroidRecently, our researchers came across a shortcoming in the design of Android’s use of storage resources. Careless use of External Storage by applications may open the door to an attack resulting in any number of undesired outcomes, such as silent installation of unrequested, potentially malicious, apps to the user’s phone, denial of service for legitimate apps, and even cause applications to crash, opening the door to possible code injection that would then run in the privileged context of the attacked application.
21.8.2018FaxploitExploit

Fax, the brilliant technology that lifted mankind out the dark ages of mail delivery when only the postal service and carrier pigeons were used to deliver a physical message from a sender to a receiver. Technology wise, however, that was a long time ago. Today we are light years away from those dark days. In its place we have email, chat messengers, mobile communication channels, web-services, satellites using quantum messaging and more.

15.8.2018TLBLEEDCPU AttackTLBleed is a new side channel attack that has been proven to work on Intel CPU’s with Hyperthreading (generally Simultaneous Multi-threading, or  SMT, or HT on Intel) enabled. It relies on concurrent access to the TLB, and it being shared between threads. We find that the L1dtlb and the STLB (L2 TLB) is shared between threads on Intel CPU cores.
15.8.2018ForeshadowCPU AttackForeshadow is a vulnerability that affects modern microprocessors that was first discovered by two independent teams of researchers in January 2018, but was first disclosed to the public on 14 August 2018.The vulnerability is a speculative execution attack on Intel processors that may result in the loss of sensitive information stored in personal computers, or third party clouds.There are two versions: the first version (original/Foreshadow) (CVE-2018-3615) targets data from SGX enclaves; and the second version (next-generation/Foreshadow-NG) (CVE-2018-3620 and CVE-2018-3646) targets Virtual Machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory
15.8.2018Meltdown CPU AttackMeltdown is a hardware vulnerability affecting Intel x86 microprocessors, IBM POWER processors, and some ARM-based microprocessors. It allows a rogue process to read all memory, even when it is not authorized to do so.
15.8.2018Spectre CPU AttackSpectre is a vulnerability that affects modern microprocessors that perform branch prediction.On most processors, the speculative execution resulting from a branch misprediction may leave observable side effects that may reveal private data to attackers. For example, if the pattern of memory accesses performed by such speculative execution depends on private data, the resulting state of the data cache constitutes a side channel through which an attacker may be able to extract information about the private data using a timing attack.
27.6.2018TLBleedcryptographic TLBleed is a cryptographic side-channel attack that uses machine learning to exploit a timing side-channel via the translation look-aside buffer (TLB) on modern microprocessors that use simultaneous multithreading.
18.5.2018BlackNurse attackDoS

The BlackNurse attack is a form of denial of service attack based on ICMP flooding. The attack is special because a modest bandwidth of 20Mbit/s can be effective for disrupting a victim's network.The attack consists of sending Destination Unreachable packets to a destination. This works because these packets caused the destination to consume resources at a relatively high rate relative to the traffic.

18.5.2018EFAIL AttacksEmail

Researchers finally revealed the Historical Email encryption based EFAIL attacks that can be exploited this brand new serious vulnerability that affected PGP & S/MIME end-to-end encryption technologies. Researchers already released an earlier warning about this highly critical security flaw in PGP & S/MIME keys and they advised to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email.

18.5.2018NethammerHardwareA fundamental assumption in software security is that memory contents do not change unless there is a legitimate deliberate modification. Classical fault attacks show that this assumption does not hold if the attacker has physical access.

4.5.2018

GLitch attack

Android

The researchers dubbed their attack “GLitch,” as it leverages WebGL, a JavaScript API for rendering interactive graphics in web browsers, to determine the physical memory layout of the DRAM memory before starting the targeted Rowhammer attack.

21.4.2018

SIP Client Call Flood

VoIP

This is a flood technique focused on SIP application protocol which involves illegitimate call requests. The idea here is to flood the Session Boarder Control (SBC) and / or SIP / VOIP PBX with too many requests to handle and thus making the service unavailable.

21.4.2018

HTTP Fragmentation
Attack

HTTP

In an HTTP Fragmentation Attack, an attacker establishes a valid connection with a server, and then proceeds to send all of his or her HTTP traffic to the server in small fragments as slowly as possible.

21.4.2018

ICMP Flood Attack

 

Internet Control Message Protocol (ICMP) is a connectionless protocol used for IP operations, diagnostics, and errors. An ICMP Flood attack - the sending of an abnormally large number of ICMP packets of any type (especially network latency testing "ping" packets) - can overwhelm a target server that attempts to process every incoming ICMP request, and this can result in a denial-of-service condition for the target server.

21.4.2018

HTTP Flood (HTTP DDoS
Attack)

HTTP

An HTTP flood is a HTTP DDoS attack method used by hackers to attack web servers and applications. It consists of seemingly legitimate session-based sets of HTTP GET or POST requests sent to a target web server. These requests are specifically designed to consume a significant amount of the server's resources, and therefore can result in a denial-of-service condition (without necessarily requiring a high rate of network traffic).

20.4.2018

PowerHammer

Hardware

PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines

19.4.2018

iOS Trustjacking Attack

iOS

Symantec researchers have found a loophole in how iPhone users pair devices with Mac workstations and laptops. They say attackers can exploit this flaw —which they named Trustjacking— to take over devices without the phone owner's knowledge.

13.4.2018

Border Gateway Protocol
(BGP) Attack

TCP/IP

The BGP attack is a DDoS attack where attackers take control of a large amount of fast routers to overwhelm their victim. The idea behind it is to take advantage of the ability of routers to exchange router tables. The attackers let the controlled routers know that their target is a router asking for a routing table's exchange, which results in the sending of a big amount of incoming packets to the victim, therefore overwhelming it.

13.4.2018

Cookie Poisoning

Cookies

Cookie poisoning is the act of manipulating or forging a cookie (a small piece of data created and stored in a user's browser that keeps track of important information regarding his or her session information for a particular site) for the purpose of bypassing security measures or sending false information to a server. An attacker using cookie poisoning can gain unauthorized access to a user's account on the particular site the cookie was created for, or potentially tricking a server into accepting a new version of the original intercepted cookie with modified values.

13.4.2018

DrDoS attack

DoS

Distributed Reflection Denial of Service attack. An attack is reflective when the attacker makes use of a potentially legitimate third party to send his or her attack traffic, ultimately hiding his or her own identity.

13.4.2018

Fragmented ACK Attack

 

A Fragmented ACK attack is a variation of the ACK & PSH-ACK Flood that uses 1500-byte packets with the goal of hogging the target network’s bandwidth with only a moderate packet rate. If application level filters were applied on network equipment (routers and such), it will have to reassemble the packets, consuming much of its resources. If no filters were applied, these attack packets will be able to pass through many network security devices such as routers, ACLs, and firewalls undetected. These fragmented packets usually contain junk data, as the goal of the attacker is to simply consume all of the target network’s bandwidth.

13.4.2018

#RefRef

DDoS

#RefRef is a Perl-based DoS attack tool developed by the Hacktivist group ‘Anonymous’ that uses a vulnerability in MySQL to perform an SQL injection involving the MySQL BENCHMARK() function. #RefRef abuses the BENCHMARK () function which allows for the repeated execution of an expression in order to exhaust a targeted server’s resources.

13.4.2018

Application misuse attack

Vulnerebility

Application misuse is a category of cyber or security attacks which envelopes the concept of availability-based outages at Layers 5-7 on the OSI model of internetworking. The idea here is to misuse a standard, RFC, business logic or known application vulnerabilities to establish lethargic or unavailable application-layer resources.

13.4.2018

TCP Window Scaling

TCP/IP

The TCP Window is a buffer that contains a copy of all the packets sent out by a device in case any of the packets are lost in transit (in which case they can be replaced using this buffer and resent minimizing packet loss).

13.4.2018

SYN Flood

TCP/IP

A SYN flood is a denial-of-service (DoS) attack that relies on abusing the standard way that a TCP connection is established. Typically, a client sends a SYN packet to an open port on a server asking for a TCP connection. The server then acknowledges the connection by sending SYN-ACK packet back to the client and populating the client’s information in its Transmission Control Block (TCB) table.

13.4.2018

Fraggle Attack

DDoS

A Fraggle Attack is a denial-of-service (DoS) attack that involves sending a large amount of spoofed UDP traffic to a router’s broadcast address within a network. It is very similar to a Smurf Attack, which uses spoofed ICMP traffic rather than UDP traffic to achieve the same goal. Given those routers (as of 1999) no longer forward packets directed at their broadcast addresses, most networks are now immune to Fraggle (and Smurf) attacks.

13.4.2018

DNS Flood Attack (DNS Flooding)

DNS

DNS amplification attack is a sophisticated denial of service attack that takes advantage of DNS servers' behavior in order to amplify the attack. In order to launch a DNS amplification attack, the attacker performs two malicious tasks. First, the attacker spoofs the IP address of the DNS resolver and replaces it with the victim's IP address. This will cause all DNS replies from the DNS servers to be sent to the victim's servers.

13.4.2018

UDP Flood Attack

TCP/IP

A UDP flood attack is a network flood and still one of the most common floods today. The attacker sends UDP packets, typically large ones, to single destination or to random ports. In most cases the attackers spoof the SRC IP which is easy to do since the UDP protocol is "connectionless" and does not have any type of handshake mechanism or session.

13.4.2018

Boy-in-the-Browser Attack

Web

The Boy-in-the-Browser Attack is a variant of the MitB – Man-in-the-Browser attack involving malware that makes changes to a target machine's routing (often by changing an operating system's hosts file), and subsequently deleting itself.

13.4.2018

Counter-attack

 

A counter-attack is a term taken from the military jargon used to describe large scale, usually strategic offensive operations by forces that had successfully halted an enemy’s offensive, while occupying defensive positions.

13.4.2018

Low rate attack

 

Attack aimed at bringing a target down but doing so quietly. This is much different than high rate brute force attacks. These attacks often aim at leaving connections open on the target by creating a relatively low number of connections over a period of time and leaving those sessions open for as long as possible.

13.4.2018

Slowloris

DoS

Slowloris is a denial-of-service (DoS) tool developed by the grey hat hacker “RSnake” that causes DoS by using a very slow HTTP request. By sending HTTP headers to the target site in tiny chunks as slow as possible (waiting to send the next tiny chunk until just before the server would time out the request), the server is forced to continue to wait for the headers to arrive.

13.4.2018

High-rate attack

 

These attacks are essentially forceful and often involve flooding the target with an overwhelming flux of packets, whether over saturating its connection bandwidth or depleting the target's system resources. Bandwidth starvation typically assumes the attacker has access to more machines or higher bandwidth than the victim or that it utilizes an Amplification Attack.

13.4.2018

Zero-Day - Zero-Minute
Attack

Zero-Day

A Zero-Day (or Zero-Minute) Attack is a type of attack that uses a previously unknown vulnerability. Because the attack is occurring before “Day 1” of the vulnerability being publicly known, it is said that the attack occurred on “Day 0” - hence the name.

13.4.2018

Torshammer (Tor‘s Hammer)

Tor

Torshammer is a slow-rate HTTP POST (Layer 7) DoS tool created by phiral.net. The first public occurrence of this tool dates back to early 2011.

13.4.2018

R.U.D.Y. Attack (R-U-Dead-
Yet?)

Web

R.U.D.Y. attack (R-U-Dead-Yet?) is a slow-rate HTTP POST (Layer 7) denial-of-service tool created by Raviv Raz and named after the Children of Bodom album "Are You Dead Yet?"

13.4.2018

Hacktivist

Hacktivist

"Hacktivist", a portmanteau of "hack" and "activism", was a term coined in 1996 by Omega, a member of the hacking coalition "Cult of the Dead Crow" (cDc). The term can be loosely defined as, "the ethically ambiguous use of computers and computer networks in order to affect the normal operation of other systems, motivated by a desire to protest or promote political ends.

8.4.2018

SIP Malformed Attack

SIP

Application layer attack on the Session Initiation Protocol- SIP in use in VoIP services, targeted at causing denial of service to SIP servers. A SIP malformed attack consists of sending any kind of non-standard messages (malformed SIP Invite for ex) with an intentionally invalid input, therefore making the system unstable.

4.4.2018

Java Deserialization Attack

Apache

Recently we talked a lot about attacks exploiting Java deserialization vulnerabilties in systems like Apache SOLR and WebLogic. Most of these attacks targeted Linux/Unix systems. But recently, I am seeing more attacks that target windows.

30.3.2018

Cold boot attack

Crypto

In cryptography, a cold boot attack (or to a lesser extent, a platform reset attack) is a type of side channel attack in which an attacker with physical access to a computer is able to retrieve encryption keys from a running operating system after using a cold reboot to restart the machine.

30.3.2018

Lucky Thirteen attack

Crypto

The Lucky Thirteen attack is a cryptographic timing attack against implementations of the Transport Layer Security (TLS) protocol that use the CBC mode of operation, first reported in February 2013 by its developers Nadhem J. AlFardan and Kenny Paterson of the Information Security Group at Royal Holloway, University of London.

30.3.2018

Electromagnetic attack

Crypto

In cryptography, electromagnetic attacks are side-channel attacks performed by measuring the electromagnetic radiation emitted from a device and performing signal analysis on it.

30.3.2018

Pin Configuration Attack

Crypto

A PLC can receive and transmit various types of electrical and electronic signals.

30.3.2018

Pin Multiplexing Attack

Crypto

Embedded SoCs usually employ hundreds of pins connected to the electrical circuit. Some of these pins have a single defined purpose.

30.3.2018

Pin Control Attack

Crypto

Pin Control Attack is a class of attack against embedded SoC's where attacker targets I/O configuration of the embedded systems and physically terminate its connection with the software or Operating System (OS) without software/OS notices about it or receive any failure regarding I/O failures.

30.3.2018

Timing attack

Crypto

In cryptography, a timing attack is a side channel attack in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute cryptographic algorithms.

30.3.2018

DMA Attack

Hardware

This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (August 2012) (Learn how and when to remove this template message)

28.3.2018

UEFI Attack

Firmware
Attack

Unlike macs many PCs are likely to be vulnerable to pre-boot Direct Memory Access (DMA) attacks against UEFI. If an attack is successful on a system configured with secure boot - then the chain of trust is broken and secure boot becomes insecure boot.

27.3.2018

BranchScope Attack

CPU

We present BranchScope — a new side-channel attack where the attacker infers the direction of an arbitrary conditional
branch instruction in a victim program by manipulating the shared directional branch predictor

13.3.2018

Authentication Synchronization
Failure Attack

4G LTE

 

13.3.2018

Traceability Attack

4G LTE

 

13.3.2018

Numb Attack

4G LTE

 

13.3.2018

Authentication Relay Attack

4G LTE

 

13.3.2018

Detach/Downgrade Attack

4G LTE

 

13.3.2018

Paging Channel Hijacking Attack

4G LTE

 

13.3.2018

Stealthy Kicking-off Attack

4G LTE

 

13.3.2018

Panic Attack

4G LTE

 

13.3.2018

Energy Depletion Attack

4G LTE

 

13.3.2018

Linkability Attack

4G LTE

 

13.3.2018

MOSQUITO Attack

Bezdrátový

 

13.3.2018

aIR-Jumper

Bezdrátový

Attack steals sensitive data from air-gapped PCs with the help of infrared-equipped CCTV cameras that are used for night vision.

13.3.2018

USBee

Bezdrátový

Can be used to steal data from air-gapped computers using radio frequency transmissions from USB connectors.

13.3.2018

DiskFiltration

Bezdrátový

Can steal data using sound signals emitted from the hard disk drive (HDD) of air-gapped computers.

13.3.2018

BitWhisper

Bezdrátový

Relies on heat exchange between two computers to stealthily siphon passwords and security keys.

13.3.2018

AirHopper

Bezdrátový

Turns a computer's video card into an FM transmitter to capture keystrokes.

13.3.2018

Fansmitter

Bezdrátový

Technique uses noise emitted by a computer fan to transmit data.

13.3.2018

GSMEM Attack

Bezdrátový

Attack relies on cellular frequencies.

4.3.2018

MEMCACHED UDP REFLECTION ATTACKS

  

4.3.2018

RDDoS Attack

RDDoS

 

4.3.2018

Eclipse Attack

  

4.3.2018

SgxSpectre Attack

  

4.3.2018

Memcached DDoS Attackers

  

4.3.2018

SWIFT-based attack

  

24.10.2017

The DUHK Attack

  

19.10.2017

BOUNDHOOK Attack

  

17.10.2017

DDE Attack

  

17.10.2017

Key Reinstallation Attacks

  

17.10.2017

ROCA Attack

  

15.6.2017

BlackNurse Denial of Service Attack

  

15.6.2017

Distributed Guessing Attack

  

1.3.2016

DROWN attack

  

9.6.2015

Quantum Insert attack

  

4.6.2014

Cross-site scripting (XSS)

Databáze

 

4.6.2014

SQL injection

Databáze

 

4.6.2014

Cross-site Request Forgery (CSRF)

Databáze

 

4.6.2014

Cross-User Defacement

  

4.6.2014

Escapování

  

4.6.2014

Cache poisoning

  

4.6.2014

HTTP response splitting

  

4.3.2014

Triple Handshake útok

  

12.2.2014

UDP-based Amplification Attacks

  

12.2.2014

DNS Amplification Attacks

DNS

 

12.2.2014

NTP Amplification Attacks
Using CVE-2013-5211

  

31.1.2014

Pasivní identifikace operačního systému

Skenovací

 

31.1.2014

Aktivní identifikace operačního systému

Skenovací

 

31.1.2014

Skenování portů

Skenovací

 

31.1.2014

ICMP dotazy

Skenovací

 

31.1.2014

Hromadný ping

Skenovací

 

31.1.2014

Skenování FIN, X-mas a Null

Skenovací

 

31.1.2014

Nečinné skenování

Skenovací

 

31.1.2014

Podvržené návnady

Skenovací

 

31.1.2014

Tajné SYN skenování

Skenovací

 

31.1.2014

MITM útok

  

31.1.2014

ARP Poisoning

  

31.1.2014

ARP Spoofing

  

31.1.2014

MAC Attack

  

31.1.2014

DoS

DoS

 

31.1.2014

Adress Spoofing

  

31.1.2014

Sniffing(odposlouchávání)

  

31.1.2014

Session Hijacking

  

31.1.2014

Replay Attack

  

31.1.2014

Spoofing Attack

  

31.1.2014

FTP Bounce Attack

  

31.1.2014

Reflection_attack

  

31.1.2014

Relay attack

  

31.1.2014

Mixed_threat_attack

  

31.1.2014

TCP_reset_attack

  

31.1.2014

Twinge_attack

  

31.1.2014

IP_fragmentation_attacks

  

31.1.2014

Fragmented_distribution_attack

  

31.1.2014

Inference_attack

  

31.1.2014

Attack_tree

  

31.1.2014

Packet_drop_attack

  

31.1.2014

LAND_attack

  

31.1.2014

MAC_flooding

  

31.1.2014

IP_address_spoofing

  

31.1.2014

DNS_rebinding

DNS

 

31.1.2014

DNS_hijacking

DNS

 

31.1.2014

Squatting_attack

  

31.1.2014

Sybil_attack