Latest News

Nmap 7 Released!
November 23, 2015
Nmap project released Nmap 7 after three years and half development. The new version of Nmap had more 100 contributors and 3,200 code commits since Nmap 6. The new version has 171 Nmap Scripting Engine (NSE) and supports fully IPv6 from host discovery to port scanning to OS detection. … [Read More...]

Apple fixes security vulnerabilities in Safari, OS X, iOS and Apple TV
April 9, 2015
(LiveHacking.Com) – Apple has released a massive set of security fixes to address vulnerabilities in OS X, iOS, Safari, and Apple TV. The update for OS X is largest of all the patches and addresses 80 unique vulnerabilities. The OS X Yosemite v10.10.3 update is available for OS X Yosemite v10.10 to v10.10.2, while Security Update 2015-004 is available for OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5. Of … [Read More...]

The OpenSSL project releases new versions of its software to squash 12 security vulnerabilities
March 19, 2015
(LiveHacking.Com) – The OpenSSL Project announced on March 16th that it would make a new release of its OpenSSL suite to fix a number security defects. As promised the project published three new versions today, OpenSSL versions 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf. The highest severity defect fixed by these releases is classified as High. Before looking at the defects which have been fixed, it is worth noting that … [Read More...]

FREAK vulnerability weakens secure Web sites
March 4, 2015
(LiveHacking.Com) – FREAK (or 'Factoring attack on RSA-EXPORT Keys') is a newly disclosed vulnerability that can force browsers into using weaker encryption keys. Once the connection is using weaker keys then the traffic can be cracked relatively quickly. This then exposes all the information that was being sent over the secure connection. The vulnerability stems directly from an old U.S. government policy that … [Read More...]

WP-Slimstat vulnerability exposes WordPress websites to SQL injection attacks
February 25, 2015
(LiveHacking.Com) – A recent security advisory from Sucri has revealed that the popular Wordpress plugin WP-Slimstat is vulnerable to SQL injection attacks because of a weak secret key. If exploited fully the bug could allow hackers to use SQL injection attacks to download sensitive information from a susceptible site's database, including username, and (hopefully) hashed passwords. According to Sucri it could … [Read More...]

Google backpedals on its arbitrary vulnerability disclosure policy
February 14, 2015
(LiveHacking.Com) – Google has been under fire in the last few weeks for arbitrarily disclosing zero-day vulnerabilities which give hackers the information they need to attack susceptible systems. When Google makes these disclosures it knows full well that it is risking the security and privacy of potentially millions of people. The positive side of these disclosures is that Google guarantees that vendors, like … [Read More...]

Cross Site Scripting vulnerability found in IE 11
February 4, 2015
(LiveHacking.Com) – A new Cross Site Scripting (XSS) vulnerability has been found in IE 11. According to an email sent by David Leo, a researcher with information security company Deusen, to the Full Disclosure mailing list, the vulnerability can allow an attacker to steal anything from a third party domain, and likewise inject anything into a third party domain. Deusen has also posted a proof of concept which … [Read More...]

Apple updates iOS, OS X and Apple TV in monster patch release
January 28, 2015
(LiveHacking.Com) – Following Google’s disclose of a number of zero day vulnerabilities in OS X, Apple has released a huge set of patches that fix a range of Critical security problems on OS X, iOS, Apple TV, and Safari. Starting with OS X, Apple’s patches fix 54 separate CVEs including 11 from Google’s Project Zero. Among the fixes are patches for the 3 bugs which Google disclosed last week: An error existed … [Read More...]

Google discloses three more zero-day vulnerabilities, this time for OS X
January 23, 2015
(LiveHacking.Com) – Google recently came under some heavy criticism when it disclosed a zero-day vulnerability in Windows just days before Microsoft was scheduled to release a fix. Now the search giant as done it again. But this time Google shows that it is truly non-partisan because the disclosures aren't for Windows, but for OS X. The first vulnerability allows an attacker to pass arbitrary commands to the … [Read More...]

Microsoft to fix Windows vulnerability that Google publicly disclosed last week
January 13, 2015
(LiveHacking.Com) – Microsoft will be issuing a series of security bulletins today (Patch Tuesday) to address security vulnerabilities in its products. One of these fixes will be for a vulnerability that Google intentionally disclosed to the public last week. Security experts at Google found a bug which could allow an attacker to gain elevated privileges on a Windows 8.1 machine. After the vulnerability was found, … [Read More...]
Live Hacking Distro
-----<THIS PROJECT HAS BEEN RETIRED - LAST UPDATE 2011-05-17.>----- Live Hacking DVD is a Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this ‘Live DVD” runs directly from the DVD and doesn’t require installation on your hard-drive. Once booted you can use the included tools to test, check, … [Read More...]
Training Videos
The Live Hacking educational videos are a dedicated resource for those wanting to learn about the tools and utilities used by criminal hackers as the first step in preparing to defeat them. These tutorial videos cover a wide range of ethical hacking topics and tools from network fingerprinting to password and packet sniffing. See below for a list of the most recently uploaded videos. You can … [Read More...]