Author Archives: Unknown

The Department of Homeland Security and CISA ICS-CERT today issued a critical security advisory warning about over a dozen newly discovered vulnerabilities affecting billions of Internet-connected devices manufactured by many vendors across the globe.
… Continue reading New Ripple20 Flaws Put Billions of Internet-Connected Devices at Risk of Hacking→

These plugins were developed as a result of this article posted to Medium by Zach, aka, “svch0st”.  The article is fascinating, in that Zach found that there’re Registry keys that appear to track the applications that access the microphone and web… Continue reading Plugin Spotlight – consentstore, consentstore_tln, appcompatflags.pl update→

Given the number of RegRipper plugins that are part of the distro, I thought it would be a good idea every now and then to spotlight a plugin or two, and share what led to the plugin being created, and discuss how it can be used as part of analysis.pri… Continue reading Plugin Spotlight – printer_settings, featureusage→

Microsoft today released its June 2020 batch of software security updates that patches a total of 129 newly discovered vulnerabilities affecting various versions of Windows operating systems and related products.

This is the third Patch Tuesday update… Continue reading Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities→

If you’re using Zoom—especially during this challenging time to cope with your schooling, business, or social engagement—make sure you are running the latest version of the widely popular video conferencing software on your Windows, macOS, or Linux com… Continue reading Two Critical Flaws in Zoom Could’ve Let Attackers Hack Systems via Chat→

With the “new” release, I thought it would be good to share a couple of tips as to how you can get the most out of RegRipper v3.0. I should note that for the most part, all of these tips are the same things I’ve recommended for using RegRipper v2.8, as… Continue reading Tips on Using RegRipper v3.0→

Apple recently paid Indian vulnerability researcher Bhavuk Jain a huge $100,000 bug bounty for reporting a highly critical vulnerability affecting its ‘Sign in with Apple’ system.

The now-patched vulnerability could have allowed remote attackers to by… Continue reading Critical ‘Sign in with Apple’ Bug Could Have Let Attackers Hijack Anyone’s Account→

Mitron (means “friends” in Hindi), you have been fooled again!

Mitron is not really a ‘Made in India’ product, and the viral app contains a highly critical, unpatched vulnerability that could allow anyone to hack into any user account without requirin… Continue reading Exclusive – Any Mitron (Viral TikTok Clone) Profile Can Be Hacked in Seconds→

I recently released RegRipper v3.0, something I’ve been working on since Aug, 2019.I am no longer supporting RegRipper 2.8.  I’ll leave the repo up for the time being, but I will not be writing plugins to support that version.  You can move p… Continue reading RegRipper v3.0→

Remember Strandhogg?

A security vulnerability affecting Android that malicious apps can exploit to masquerade as any other app installed on a targeted device to display fake interfaces to the users, tricking them into giving away sensitive information… Continue reading New Android Flaw Affecting Over 1 Billion Phones Let Attackers Hijack Apps→