Clik here to view.
Paper: Do not trust me: Using malicious IdPs for analyzing and attacking...
Abstract. Single Sign-On (SSO) systems simplify login procedures byusing an an Identity Provider (IdP) to issue authentication tokens whichcan be consumed by Service Providers (SPs). Traditionally,...
View ArticleClik here to view.
Oxygen Forensics releases the new and free Oxygen Forensic Viewer
Oxygen Forensics releases Oxygen Forensic Viewer, a stand-alone tool for viewing and sharing information collected with Oxygen Forensic Suite. Fast, easy and lightweight, Oxygen Forensic Viewer allows...
View ArticleClik here to view.
ESPN espn.go.com Login & Register Page XSS and Dest Redirect Privilege...
*ESPN espn.go.com <http://espn.go.com/> Login & Register Page XSS and DestRedirect Privilege Escalation Security Vulnerabilities**Domain:*http://espn.go.com/*"*As of August 2013, ESPN is...
View ArticleClik here to view.
CVE-2014-8489 Ping Identity Corporation "PingFederate 6.10.1 SP Endpoints"...
*CVE-2014-8489 Ping Identity Corporation "PingFederate 6.10.1 SP Endpoints"Dest Redirect Privilege Escalation Security Vulnerability*Exploit Title: "Ping Identity Corporation" "PingFederate 6.10.1...
View ArticleClik here to view.
CVE-2014-8751 goYWP WebPress Multiple XSS (Cross-Site Scripting) Security...
*CVE-2014-8751 goYWP WebPress Multiple XSS (Cross-Site Scripting) SecurityVulnerabilities*Exploit Title: goYWP WebPress Multiple XSS (Cross-Site Scripting) SecurityVulnerabilitiesProduct:...
View ArticleClik here to view.
Keurig 2.0 Genuine K-Cup Spoofing Vulnerability
*Overview*Keurig 2.0 Coffee Maker contains a vulnerability in which the authenticityof coffee pods, known as K-Cups, uses weak verification methods, which aresubject to a spoofing attack through re-use...
View ArticleClik here to view.
Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities
Title: Concrete5 CMS Reflected Cross-Site Scripting VulnerabilitiesAuthor: Simo Ben youssefContact: Simo_at_Morxploit_comDiscovered: 02 November 2014Updated: 9 December 2014Published: 9 December...
View ArticleClik here to view.
Multiple vulnerabilities in InfiniteWP Admin Panel
Multiple vulnerabilities in InfiniteWP Admin Panelhttps://lifeforms.nl/20141210/infinitewp-vulnerabilities/-----InfiniteWP (http://www.infinitewp.com/) allows an administrator to manage multiple...
View ArticleClik here to view.
'Destover' Malware Now Digitally Signed by Sony Certificates
Several days ago, our products detected an unusual sample from the Destover family. The Destover family of trojans has been used in the high profile attacks known as DarkSeoul, in March 2013, and more...
View ArticleClik here to view.
Hiding In Plain Sight
Malware authors are known for developing clever, interesting and sometimes dastardly ways to move, hide and distribute their wares to the masses.They often work tirelessly to stay ahead of security...
View ArticleClik here to view.
Hidden Costs of Memory Allocation
It’s important to understand the cost of memory allocations, but this cost can be surprisingly tricky to measure. It seems reasonable to measure this cost by wrapping calls to new[] and delete[] with...
View ArticleClik here to view.
Reproducible Malware Analyses for All
Summary: With help from GTISC, I have begun running 100 malware samples per day and posting the PANDA record & replay logs online at http://panda.gtisc.gatech.edu/malrec/. The goal is to lower the...
View ArticleClik here to view.
Now available: white papers on Regin's stage 1 components.
These are meant be to a contribution for those who are inspecting their own systems and configurations. The papers provide analysis of the components that most people will run into first if Regin is...
View ArticleClik here to view.
WordpreXSS Exploitation
In today’s post I am going to show a real-world example of stealing someone’s WordPress credentials using XSS exploitation, and getting shell access to the underlying host.more...
View ArticleClik here to view.
RedCloth contains unfixed XSS vulnerability for 9 years
I disclosed the following advisory about a XSS vulnerability ofRedCloth (Textile library for Ruby).http://co3k.org/blog/redcloth-unfixed-xss-enYou shouldn't use RedCloth to parse user inputted contents...
View ArticleClik here to view.
BMC TrackIt! Unauthenticated Arbitrary Local System User Password Change
BMC TrackIt! 11.3 Unauthenticated Local User Password ChangeTrial available here: http://www.trackit.comA Metasploit pull request has been made...
View ArticleClik here to view.
Archie and Astrum: New Players in the Exploit Kit Market
Exploit kits continue to be a critical tool for the propagation of crimeware. New exploit kits have appeared this year, and this post will discuss two of them — Archie and Astrum.more...
View ArticleClik here to view.
Critical vulnerability affecting HD FLV Player
We’ve been notified of a critical vulnerability affecting the HD FLV Player plugin for Joomla!, WordPress and custom websites. It was silently patched on Joomla! and WordPress, leaving the custom...
View ArticleClik here to view.
Free SSL certificate from CloudFlare abused in phishing scam
Today we received a phishing email pretending to come from LogMeIn, the popular remote administration tool. It uses a classic scare tactic “We were unable to charge your credit card for the due...
View ArticleClik here to view.
Analyzing Ponemon Cost of Data Breach
I was recently presenting on the use of statistics for risk analysis at the SIRACon conference held in Minneapolos (Oct. 9th and 10th, 2014). I was explaining how models and algorithms work at a high...
View Article