Channel: BOT24
Browsing all 8064 articles
Browse latest View live


Google Images hacked? Searches fill with morbid image

An image of a Russian car crash has piled up in Google Images, regardless of what users search for. Time magazine searched for ‘puppy’ and instead saw multiple images of the crash – leading to...


Paper: Bypass Antivirus Dynamic Analysis|Limitations of the AV model and how...

« Antivirus are easy to bypass », « Antivirus are mandatory in defense in depth », « This Cryptor is FUD » are some of the sentences you hear when doing some research on antivirus security. I asked...


Paper: Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in...

Abstract: The subtle way in which the IPv6 and IPv4 protocols coexist in typical networks, together with the lack of proper IPv6 support in popular Virtual Private Network (VPN) tunnel products,...


SPL ArrayObject/SPLObjectStorage Unserialization Type Confusion Vulnerabilities

One month ago the PHP developers released security updates to PHP 5.4 and PHP 5.5 that fixed a number of vulnerabilities. A few of these vulnerabilities were discovered by us and we already disclosed...


Malvertising: Not all Java from java.com is legitimate

Isn’t it ironic getting a Java exploit via java.com, the primary source for one of the most commonly used browser plugins? Current malvertising campaigns are able to do this. This blog post details a...


Self-propagating ransomware written in Windows batch hits Russian-speaking...

Ransomware steals email addresses and passwords; spreads to contacts.


[The ManageOwnage Series, part II]: User credential disclosure in...

You can read the usernames and MD5 hashed passwords of all the users in the Device Expert application by sending an unauthenticated request. I am releasing this as a 0 day as ManageEngine have responded...


NoAuth. A pragmatic security framework

Whether you are building a mobile app or want to expose some business logic to your customers, at some point most successful technology companies will have to ask themselves how they are going to...


JPMorgan and Other Banks Struck by Coordinated Cyberattack

A number of United States banks, including JPMorgan Chase and at least four other firms, were hit by hackers in a series of coordinated attacks this month, according to four people familiar with the...


Actual Analyzer Unauthenticated Command Execution

Hi All. URL: http://www.actualscripts.com/products/analyzer/ I tried to report this a month ago, but got no response from the developers via the support form on their website, requesting a GPG key. This is...


PHP-Wiki Command Injection

Hi All. URL: https://sourceforge.net/projects/phpwiki/ I tried to report this a month ago, but got no response from the developers. This is an old vulnerability I found while dusting off some old hard...


XRMS SQLi to RCE 0day

Hi. OSS-Security: Can I request a CVE for this please? XRMS Description: The most advanced open source customer relationship management (CRM), Sales Force Automation (SFA) suite: also...


Smashing The Browser

Smashing The Browser: From Vulnerability Discovery To Exploit. Part 1: Browser Fuzzing Technology. This part will first introduce a fuzzer framework (StateFuzzer) developed by myself as well as the fuzzing...


SEC Consult SA-20140828-0 :: F5 BIG-IP Reflected Cross-Site Scripting

SEC Consult Vulnerability Lab Security Advisory < 20140828-0 > title: Reflected Cross-Site Scripting...


Aerohive Hive Manager and Hive OS Multiple Vulnerabilities



Paper: PITOU- The “silent” resurrection of the notorious Srizbi kernel spambot

We began monitoring the development of a mysterious malware that first emerged in early April 2014 when we noticed some intriguing features in the threat’s technical aspects. Further analysis revealed a...


Landfill.bugzilla.org Disclosure

One of our developers discovered that, starting on about May 4th, 2014, for a period of around 3 months, during the migration of our testing server for test builds of the Bugzilla software, database...


CVE-2014-1815 Html code

< !doctype html>
< html>
< head>
< meta http-equiv="Cache-Control" content="no-cache"/>
< script >
function stc()
{
var Then = new Date();
...


Railo Security - Part Four - Pre-auth Remote Code Execution

This post concludes our deep dive into the Railo application server by detailing not only one, but two pre-auth remote code execution vulnerabilities. If you’ve skipped the first three parts of this...


Analyzing and mining PE32 files

In this brief blog post we'll look at what Viper currently provides to dissect PE32 files and mine your repository to identify similar binaries and possibly reconstruct campaigns and cluster malware...
