LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

FREE Root Shells on Linux Servers Thanks to polkitd Vulnerability

Tags: , , , , , , , , , Date/Time: January 26, 2022 @ 9:49 am, by raindog308

A new vulnerability that affects many Linux systems has been revealed: Pwnkit. This attack uses a vulnerability in polkitd to allow any user to escalate his privileges to root.  There are patches for major Linux systems: see the LowEndTalk thread.  Thanks to @FoxelVox for posting this on LET. It’s important to note that the vulnerability […]

HostSolutions.ro Hack Update

Tags: , , , , Date/Time: December 27, 2021 @ 6:01 pm, by raindog308

As a quick followup to our story from a couple days ago about the HostSolutions.ro hack, owner Marius has now commented on LowEndTalk, confirming the breach and adding some details. The entire thread has a lot of interesting speculation, though alas not a ton of new details. Are you a HostSolutions customer?  Or have you […]

HostSolutions.ro Hacked

Tags: , , , , , , , Date/Time: December 25, 2021 @ 1:35 pm, by raindog308

News broke on Christmas Eve that HostSolutions.ro has been hacked.  Community member @MikaelStrang posted the email below that he received from a hacker claiming to have the HostSolutions WHMCS database. “Sadly you have used hostsolutions.ro before, and they were recently hacked about a month ago.  We stole their database and all of their backups.  We […]

Gartner Makes Bold Prediction: War in the G20 by 2024

Tags: , , , , Date/Time: December 18, 2021 @ 7:06 pm, by raindog308

Gartner, one of the world’s major IT consulting firms, recently shared their “Top Strategic Predictions for 2022 and Beyond” at a conference.  Most of the content concerned economic and technological trends they feel will change IT.  One slide, however, made a bold, dramatic prediction: In other words, sometime in the next 13-25 months, a member of […]

The Syniverse Hack: Why Using SMS for 2FA is a Bad Idea

Tags: , , , , , , , , Date/Time: October 5, 2021 @ 7:31 pm, by raindog308

Security gurus have suggested for years that relying on SMS for two-factor authentication is a bad idea.   Reasons include Your phone may be stolen Many people allow SMS messages to be displayed on lock screens Your phone can be SIM-cloned People inside your phone carrier may have access to your text messages But here’s a […]

Microsoft Azure’s CosmosDB Accidentally Left Wide Open

Tags: , , , Date/Time: August 27, 2021 @ 12:00 pm, by raindog308

Microsoft revealed Thursday that some customers’ CosmosDB databases in Azure were accidentally left wide open. A security researcher named Wiz discovered that it could access keys that unlocked thousands of customers’ databases. Microsoft has issued a fix and contacted affected customers so they can change their keys. “This is the worst cloud vulnerability you can […]

LowEnd Provider Clouvider Suffers Website Hack

Tags: , , , , Date/Time: August 26, 2021 @ 9:11 pm, by raindog308

LowEnd provider Clouvider suffered a website hack today. A group styling itself “Katyusha SecurityExploitCrew” defaced a website they manage, as reported on LowEndTalk. The site was a redirect to their main web site and no customer data was compromised. Clouvider posted the following statement: “At approximately 20:30 today (UK/London Time) we were made aware that […]

Australian Police Will Soon Have Sweeping New Surveillance Powers

Tags: , , , Date/Time: August 26, 2021 @ 12:00 pm, by raindog308

Australian law enforcement will soon be able to takeover accounts and impersonate their owners, “disrupt data” by modifying it.  Three new warrant powers are granted Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC) in the Surveillance Legislation Amendment (Identify and Disrupt) Bill which has been approved by both the Australian House and Senate. […]

CoinBase Customer Service Continues to be Appalling: Thousands Hacked

Tags: , , , , Date/Time: August 25, 2021 @ 12:00 am, by raindog308

A while back, I used CoinBase (NASDAQ: COIN) for some cryptocurrency transactions and found their system buggy and the customer service nonexistent. After failing repeatedly to get an account verified, I was actually told by one of their reps that perhaps I should just abandon my account and open a new account.  Nice. Apparently their […]

Comment Free For All: Hacking in the Movies

Tags: , , , Date/Time: July 28, 2021 @ 12:00 am, by raindog308

I once watched an episode of Law & Order with a friend who is an attorney. From the moment the action switched from the police to the prosecutors, he was tied up in knots, shouting at the screen all the inaccuracies in the way the courtroom proceedings were portrayed. I feel the same way about […]

Older Posts »