Clik here to view.
ASML Recently Discovered IT Systems Security Incident; No Evidence That...
ASML Holding N.V. (ASML) recently discovered unauthorized access to a limited portion of its IT systems. ASML took immediate steps to contain the breach and is conducting an ongoing investigation. The...
View ArticleClik here to view.
Paper: Windows NT pagefile.sys Virtual Memory Analysis
As hard disk encryption, RAM disks, persistent data avoidance technology and memory resident malware become more widespread, memory analysis becomes more important. In order to provide more virtual...
View ArticleClik here to view.
Vulnerabilities in Hikvision DS-7204HWI-SH
There are Abuse of Functionality and Brute Force vulnerabilities in Hikvision DS-7204HWI-SH.-------------------------Affected products:-------------------------Vulnerable is the next model: Hikvision...
View ArticleClik here to view.
upstart logrotate privilege escalation in Ubuntu Vivid (development)
Problem description: Ubuntu Vivid 1504 (development branch) installs an insecure upstart logrotation script which will read user-supplied data from /run/user/[uid]/upstart/sessions and pass then...
View ArticleClik here to view.
Microsoft Onenote Image Caching Bug (Confidential Information Leakage)
Bug SummaryA security bug in the Microsoft Onenote allows images placed in user created password protected sections to be cached persistently in the user profile temporary directory...
View ArticleClik here to view.
XSS Reflected vulnerabilities in Fortimail version 5.2.1 (CVE-2014-8617)
I. VULNERABILITY-------------------------XSS Reflected vulnerabilities in Fortimail version 5.2.1II. BACKGROUND-------------------------Fortinet’s industry-leading, Network Security Platforms deliver...
View ArticleClik here to view.
WHICH VPN SERVICES TAKE YOUR ANONYMITY SERIOUSLY? 2015 EDITION
VPN services have become an important tool to counter the growing threat of Internet surveillance, but unfortunately not all VPNs are as anonymous as one might hope. In fact, some VPN services log...
View ArticleClik here to view.
Box
Box is a toy project to implement a decent UI for using cryptography within the Irssi IRC client.more here.........https://github.com/ahf/box
View ArticleClik here to view.
Samsung-TV-Hacks
These are files used to hack my Samsung TV.more here..........https://github.com/ohjeongwook/Samsung-TV-Hacks
View ArticleClik here to view.
Piwik Downloads Updates over HTTP
Piwik is an open-source web analytics tool. Its updater downloads andexecutes PHP code over an insecure (not-HTTPS) connection. The issue wasreported on the public GitHub tracker in October of 2014 and...
View ArticleClik here to view.
Slim Framework - (CVE-2015-2171, PHP Object Injection), Other Vulnerabilities
Product: Slim PHP FrameworkWebsite: http://www.slimframework.com/Affected versions: 2.5.0 and lowerFixed in: 2.6.0 (released 2015-03-01)CVSS Score: I don't care. Does anybody really?From their...
View ArticleClik here to view.
Appie v-2 released : Android Pentesting Portable Integrated Environment
Appie is now capable Android Application Security Assessment, Android Forensics, Android Malware Analysismore here..........https://manifestsecurity.com/appie-release/
View ArticleClik here to view.
Samsung Pay Promises To Allow Tap-And-Pay At 90% Of Credit Card Terminals,...
Samsung presentations always include a litany of buzzwords and redundant features, some of which are meaningless or borrowed directly from Google and Android, while others point to bigger aspirations....
View ArticleClik here to view.
Thanks for the Memories: Identifying Malware from a Memory Capture
We've all seen attackers try and disguise their running malware as something legitimate. They might use a file name of a legitimate Windows file or even inject code into a legitimate process that's...
View ArticleClik here to view.
TorrentLocker spam has DMARC enabled
Last week, Trend Micro researcher Jon Oliver (who presented a paper on Twitter abuse at VB2014) wrote an interesting blog post about a spam campaign that was spreading the 'TorrentLocker' ransomware...
View ArticleClik here to view.
AVG unveils invisibility glasses to defend against facial recognition
Could 'invisibility' glasses become the next trend in cities crawling with cameras and full of facial recognition technology?more...
View ArticleClik here to view.
Paper: Defending against Return-Oriented Programming
Return-oriented programming (ROP) has become the primary exploitation technique forsystem compromise in the presence of non-executable page protections. ROP exploits arefacilitated mainly by the lack...
View ArticleClik here to view.
Google quietly backs away from encrypting new Lollipop devices by default
Last year, Google made headlines when it revealed that its next version of Android would require full-disk encryption on all new phones. Older versions of Android had supported optional disk...
View ArticleClik here to view.
Signal 2.0: Private messaging comes to the iPhone-end to end encrypted
Whisper releases Signal 2.0, with support for TextSecure private messaging.more here..........https://whispersystems.org/blog/the-new-signal/
View ArticleClik here to view.
Avast study exposes global Wi-Fi browsing activity
The use of open, unprotected Wi-Fi networks has become increasingly popular across the globe. Whether you’re traveling around a new city and rely on public Wi-Fi networks to get around or you’re at...
View Article