Google Compute Engine Lateral Compromise by Scott T. Cameron
A user who creates a GCE VM with compute-rw privileges, who subsequently has that single VM compromised, can lead to a global compromise of all VMs inside of the account. VMs created in the web UI, by...
CVE-2014-2120 – A Tale of Cisco ASA “Zero-Day”
A few months ago I was trying to PoC a known cross-site scripting vulnerability in the Cisco ASA WebVPN portal (CVE-2013-3414) for inclusion in the TrustKeeper Scan Engine. I tried a number of...
(0Day) VMware vCenter Server Appliance Ruby vSphere Console Privilege...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware vCenter Appliance. Authentication is required to exploit this vulnerability.
Ubuntu 12.04.0-2LTS x64 perf_swevent_init - Kernel Local Root Exploit
/** * Ubuntu 12.04 3.x x86_64 perf_swevent_init Local root exploit * by Vitaly Nikolenko (vnik5287@gmail.com) * * based on semtex.c by sd * * Supported targets: * [0] Ubuntu 12.04.0 - 3.2.0-23-generic...
Vulnerability found in the All in One SEO Pack WordPress Plugin
The team behind the All in One SEO Pack just released a new version of their popular WordPress plugin. It is a security release patching two privilege escalation vulnerabilities we discovered earlier...
Customer experience first: How we decided to eliminate a revenue-generating...
TL;DR: We’ve always tried to put user experience first, even when that gets in the way of making more money. Browsers have changed, we’ve become a security company, and we’ve shifted our business to...
LE, BF and IAA vulnerabilities in Catapulta I.W. Edition
These are Login Enumeration, Brute Force and Insufficient Anti-automation vulnerabilities in Catapulta I.W. Edition. This is a commercial CMS. It's used at the web site of one presidential contender in...
How to get push notifications for Rails and Ruby security updates
As a one-coder shop, when it comes to running WiseCash I take security seriously. I wanted to find a way to get push notifications when a Rails release comes out, even on the week-ends when I usually...
OpenPGP verified WebApp
Using client side crypto usually comes with the problem of trusting the server serving the files. Even if a webapp uses OpenPGP.js to encrypt everything client-side, it is insecure in the event where...
Bypassing Windows ASLR in Microsoft Word using Component Object Model (COM)...
A couple of months ago an RTF 0-day was used in attacks and to bypass ASLR (Address Space Layout Randomization) it was using a non-ASLR module MSCOMCTL.OCX. This got me interested to research into how...
NSA scooping up millions of faces from web images
The National Security Agency is harvesting huge numbers of images of people from communications it intercepts through its global surveillance operations for use in sophisticated facial recognition...
Presentation PDF: When the Sky is Falling
Network-Scale Mitigation of High-Volume Reflection/Amplification DDoS Attack. More here: http://www.liopen.fr/presentations/reflectionamplificationpublic.pdf
Technical Analysis Of The GnuTLS Hello Vulnerability
Two weeks ago, an interesting commit appeared in the GnuTLS repository. 2014-05-23 19:50 Nikos Mavrogiannopoulos <nmav@gnutls.org> Prevent memory corruption due to server hello parsing. The patch...
Deobfuscating PHP Scripts
Occasionally people send me PHP scripts to help them analyze it. Most of the time, it’s simply unescaping the script and finding the right variable to echo. I got two tricky ones within the past couple...
Yarubo #1: Arbitrary SQL Execution in Participants Database for Wordpress
Program: Participants Database <= 1.5.4.8 Severity:...
joebp – immunity debugger script
I made some changes to my break point script to make it more modular and accept arguments and stuff. I normally steer clear of python due to its agonizingly strict syntax, but I suffered through it for...
PALO ALTO NETWORKS RESEARCH SHINES SPOTLIGHT ON CYBER THREATS HIDING IN PLAIN...
Report Details How Traditional Exploit Techniques Used In Innovative Ways Can Mask Dangerous Threat Activity
CRITs - Collaborative Research Into Threats
CRITs is a web-based tool which combines an analytic engine with a cyber threat database that not only serves as a repository for attack data and malware, but also provides analysts with a powerful...
Molerats, Here for Spring!
Between 29 April and 27 May, FireEye Labs identified several new Molerats attacks targeting at least one major U.S. financial institution and multiple European government organizations. When we last...
Using nmap to scan for DDOS reflectors
Before we get into this here is the standard disclaimer. Do not scan any devices that you do not have explicit permission to scan. If you do not own the devices I strongly recommend you get that...