Clik here to view.
[Honeypot Alert] New Bot Malware (BoSSaBoTv2) Attacking Web Servers Discovered
Our web honeypots picked up some interesting attack traffic. The initial web application attack vector (PHP-CGI vulnerability) is not new, the malware payload is. We wanted to get this information...
View ArticleClik here to view.
This Simple iPhone Case can be Used to Steal ATM PINs
It’s a common wisecrack around the criminal community. This whole stealing ATM PINs thing would be a lot simple if a gadget would just do all the work.Sounds like a crazy dream, right?After all, what...
View ArticleClik here to view.
Metasploit: ManageEngine Eventlog Analyzer Arbitrary File Upload
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 < Msf::Exploit::Remote Rank =...
View ArticleClik here to view.
Metasploit: Railo Remote File Include
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit4 < Msf::Exploit::Remote Rank =...
View ArticleClik here to view.
Metasploit: SolarWinds Storage Manager Authentication Bypass
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 < Msf::Exploit::Remote Rank =...
View ArticleClik here to view.
Google DNS Server IP Address Spoofed for SNMP reflective Attacks
Thanks to James for sending us some packets. Unlike suggested earlier, this doesn't look like a DoS against Google, but more like a DoS against vulnerable gateways. The SNMP command is actually a "set"...
View ArticleClik here to view.
Twitter Vulnerability Could Delete Credit Cards from Any Twitter Account
Hello everyone :)today i will write about a serious vulnerability i’ve found recently in Twitter.so let me share the story with you .the story started when i saw Twitter introducing their new bug...
View ArticleClik here to view.
Major Android Bug is a Privacy Disaster (CVE-2014-6041)
On the night of September 7, 2014, Joe Vennix of Rapid7's Metasploit Products team wrote, "I did not believe this at first, but after some testing it seems true: in AOSP browser before Android 4.4, you...
View ArticleClik here to view.
Wordfence v5.2.3 – 2 Stored XSS, Insufficient Logging, Throttle Bypass,...
Wordfence v5.2.3 suffers from multiple vulnerabilities including 2 stored XSS, insufficient logging of requests, being able to bypass the throttling feature (designed to limit scraping) and being able...
View ArticleClik here to view.
ALCASAR
#!/usr/bin/env python# -*- coding: utf-8 -*-####### ALCASAR <= 2.8.1 Remote Root Code Execution Vulnerability## Author: eF# Date : 2014-09-12# URL : http://www.alcasar.net/## This...
View ArticleClik here to view.
Archie: Just another Exploit kit
We have previously described how Exploit Kits are some of the favorite techniques used by cybercriminals to install malicious software on victims' systems. The number of Exploit Kits available has...
View ArticleClik here to view.
Introducing paste searches and monitoring for “Have I been pwned?”
I’ve got 174,451,409 breached accounts in Have I been pwned? (HIBP) as of today which probably sounds like a lot, but it’s not. Why is it not a lot? Because whilst that list spans a lot of the big...
View ArticleClik here to view.
Beyond Automated Unpacking: Extracting Decrypted/Decompressed Memory Blocks
It’s been about a year and a half since I wrote about a behavioural approach to automated unpacking, and I figured it was time to add some more functionality to unpack.py. This time, I’m going to look...
View ArticleClik here to view.
OS X IOKit kernel code execution due to controlled kmem_free size in...
IOSharedDataQueue is used by OS X kernel drivers to implement a user/kernel queue in shared memory.The memory which is mapped into userspace is represented by the variable-sized struct...
View ArticleClik here to view.
USB&WiFi Flash Drive v1.3 iOS - Code Execution Vulnerability
Document Title:===============USB&WiFi Flash Drive v1.3 iOS - Code Execution VulnerabilityReferences (Source):====================http://www.vulnerability-lab.com/get_content.php?id=1316Release...
View ArticleClik here to view.
Denial of Service in TCP packet processing
=============================================================================FreeBSD-SA-14:19.tcp Security Advisory The FreeBSD ProjectTopic: Denial of Service in TCP packet processingCategory:...
View ArticleClik here to view.
Rogue E-Books Could Pose Threat to Amazon Accounts
It seems there’s an issue for Amazon Kindles owners should be aware of and take appropriate steps to avoid.A security researcher discovered malicious code that could potentially be injected – and...
View ArticleClik here to view.
Leveraging LFI To Get Full Compromise On WordPress Sites
In this post I will discuss how a serious but mostly ignored vulnerability can lead to a full compromise of a WordPress site. The key in this attack is how WordPress handles authentication allowing a...
View ArticleClik here to view.
Paper: Fine grain Cross-VM Attacks on Xen and VMware are possible!
This work exposes further vulnerabilities in virtualizedcloud servers by mounting Cross-VM cache attacks inXen and VMware VMs targeting AES running in thevictim VM. Even though there exists a rich...
View ArticleClik here to view.
CVE-2014-6283: Privilege Escalation Vulnerability and Potential Remote Code...
On May 12, 2014, SAP published updates to Adaptive Server Enterprise versions 15.0. 15.5 and 15.7 on all platforms. These updates addressed a security flaw in a built-in procedure implementation. The...
View Article