Wordpress wp-newsletter-simples plugin Full Path Disclosure Vulnerability
# Exploit Title: Wordpress wp-newsletter-simples plugin Full Path Disclosure vulnerability # Date: 08/01/2012 # Author: The Black Devils # Category : [ webapps ] # Type : php # Tested on: [Windows] &...
Wordpress haiku-minimalist-audio-player plugin Full Path Disclosure...
# Exploit Title: Wordpress haiku-minimalist-audio-player plugin Full Path Disclosure vulnerability # Date: 08/01/2012 # Author: The Black Devils # Category : [ webapps ] # Vendor :...
Wordpress dynamic-headers plugin Full Path Disclosure Vulnerability
# Exploit Title: Wordpress dynamic-headers plugin Full Path Disclosure vulnerability # Date: 08/01/2012 # Author: The Black Devils # Category : [ webapps ] # Vendor :...
New Payment Scam Targets Southern California Edison Customers
ROSEMEAD, Calif.--(BUSINESS WIRE)--Southern California Edison (SCE) is advising customers to be aware of a new telephone scam that is demanding immediate payment for allegedly past due electricity...
GXS and gtnews to Co-Sponsor Webinar on Corporate-to-Bank Integration in the...
Dow Corning’s John Coon to Discuss How it Simplified its Integration with Global Banking Partners - GXS - GAITHERSBURG, MD (PRWEB) January 11, 2013 - GXS, a leading provider of B2B integration services, today...
Protecting Canadians' Personal Information at HRSDC
OTTAWA, ONTARIO--(Marketwire - Jan. 11, 2013) - The Honourable Diane Finley, Minister of Human Resources and Skills Development, has issued the following statement regarding the loss of an external...
Blackhole Spam Runs Return From Holiday Break
Blackhole exploit kit (BHEK) spam attacks remain a prevalent threat to this day. In fact, it is one of the top five consumer threats for 2012 due to its use of software vulnerabilities and...
Threat Outbreak Alert: Fake Contract Notice E-mail Messages
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain contract information for the recipient. The text in the e-mail...
Threat Outbreak Alert: Fake Faxed Document E-mail Messages
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a fax report notification for the recipient. The text in the...
Department of Homeland Security and Apple agree: Stop using Java Read more at...
The U.S. Department of Homeland Security’s Computer Emergency Readiness Team says no one should use Java until Oracle fixes a hole that permits attackers to jump inside your computer and steal...
VLC Media Player 2.0.3 Twoflower (.ape) Crash PoC
# Title : VLC media player 2.0.3 Twoflower (.ape) Crash PoC # Date: 2012-01-09 # Software Link: http://www.videolan.org/vlc/ # Author: The Black Devils # Tested on: Windows XP SP2 # Greeting To :...
Wordpress wp-polls plugin Full Path Disclosure Vulnerability
# Exploit: http://localhost/wp-content/plugins/wp-polls/polls-templates.php #...
Volatility VS Citadel 1.3.4.5
As a forensic and malware analyst, I have always been a big fan of Volatility, the Python coded memory analysis tool that keeps growing day by day. Thus, since I read Michael Ligh’s article on...
Pretty simple browser regular expressions fuzzer
This is a pretty simple browser regular expressions fuzzer. When launching, it generates files and writes them to folder "samples/". After files have been generated, open launch.html in your browser and...
Mozilla- Protecting Users Against Java Vulnerability
Issue: Mozilla is aware of a security vulnerability in the current version of Java (Java 7 Update 10) that is being actively exploited and affects any browser using the Java plugin. Firefox users may be...
Govt of Nepal Ministry of Physical Planning, Works and Transport Management...
We show these compromised systems so that you understand the current threat environment that surrounds us every day and how significant it is to take the appropriate countermeasures to safeguard your...
Java 0day 1.7.0_10 decrypted source
/*Java 0day 1.7.0_10 decrypted source*/ import java.applet.Applet; import com.sun.jmx.mbeanserver.JmxMBeanServer; import com.sun.jmx.mbeanserver.JmxMBeanServerBuilder; import...
WordPress plugin Floating Tweets Multiple Vulnerabilities
I want to warn you about multiple vulnerabilities in plugin Floating Tweets for WordPress. These are Full path disclosure, Directory Traversal and Cross-Site Scripting...
Today's NIST CVE Issuance's For Vulns In Xen, HP PKI ActiveX control, Pragyan...
Click on the underlined CVE for additional vuln specific info. CVE-2013-0154 Summary: The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest...
Once upon a time with another Red Kit infection & its Payload
I was eager to see another Exploit Kit infection in action in this Crusade; some efforts were made, but I bumped into some other non-EK infectors here and there before finally finding the below...