Channel: BOT24
Browsing all 8064 articles

WordPress SEO by Yoast

Title: WordPress SEO by Yoast <= 1.7.3.3 - Blind SQL Injection
Version/s Tested: 1.7.3.3
Patched Version: 1.7.4
CVSSv2 Base Score: 9 (AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
CVSSv2 Temporal Score:...


Foreign LINUX

Foreign LINUX is a dynamic binary translator and a Linux system call interface emulator for the Windows platform. It is capable of running unmodified Linux binaries on Windows without any drivers or...


Security Issue: Combining Bcrypt With Other Hash Functions

The other day, I was directed at an interesting question on StackOverflow asking if password_verify() was safe against DoS attacks using extremely long passwords. Many hashing algorithms depend on the...


WPML WordPress plug-in SQL injection etc.

*OVERVIEW*
WPML is the industry standard for creating multi-lingual WordPress sites. Three vulnerabilities were found in the plug-in. The most serious of them, an SQL injection problem, allows anyone to...


Integer Overflow Prevention in C

Integer overflows are known bugs in C which can lead to exploitable vulnerabilities. More here: https://splone.com/blog/2015/3/11/integer-overflow-prevention-in-c


Alkacon OpenCms 9.5.1 Multiple XSS Vulnerabilities

Product: OpenCms
Vendor: Alkacon Software
Vulnerable Version(s): 9.5.1 and probably prior
Tested Version: 9.5.1
Vendor Notification: Mar 05, 2015 (https://github.com/alkacon/opencms-core/issues/304)
Vendor...


Achievement Locked: New Crypto-Ransomware Pwns Video Gamers

Gamers may be used to paying to unlock downloadable content in their favorite games, but a new crypto-ransomware variant aims to make gamers pay to unlock what they already own. Data files for more...


Talos Discovery Spotlight: Hundreds of Thousands of Google Apps Domains’...

In mid-2013, a problem occurred that slowly began unmasking the hidden registration information for owners’ domains that had opted into WHOIS privacy protection. These domains all appear to be...


Introducing Masche: memory scanning for server security

Mozilla operates thousands of servers to build products and run services for our users. Keeping these servers secure is the primary concern of the Operations Security team, and the reason why we have...


VIRLOCK Combines File Infection and Locks Computer Screens

Ransomware has become one of the biggest problems for end users as of late. In the past months alone, we have reported on several variants of both ransomware and crypto-ransomware, each with their...


Rooting the Transcend WiFi SD card

by injecting commands into the wifi channel config
This exploit requires opening the "Files" page of the card's web interface and escaping to the root of the file system. More...


Monitoring High-Risk Users with StealthWatch Dashboards

Most businesses trust their own employees, but when an organization deals with sensitive data, security must come first. In such an environment, a worker who has turned in their two weeks’ notice or...


Bypassing ASLR with CVE-2015-0071: An Out-of-Bounds Read Vulnerability

Almost every Patch Tuesday cycle contains one bulletin that (for convenience) rolls up multiple Internet Explorer vulnerabilities into a single bulletin. February’s Patch Tuesday cumulative IE bulletin...


Samsung's Android SNS Exploit

Proof of concept of vulnerabilities in Samsung's SNS application here: https://github.com/programa-stic/SNS-thief


Diaphora, a program diffing plugin for IDA Pro

Some weeks ago I started developing a binary diffing plugin for IDA Pro (in IDA Python) like Zynamics BinDiff, DarunGrim or Turbo Diff. The reasons to create one more (open source) plugin for such task...


Beyond good ol’ Run key, Part 29

LNK files have been used by malware for many years, so there is not much new that can be said about them with regard to persistence. Examples include: Placing shortcut files in popular locations (Desktop, Start...


Jamieoliver[dot]com still compromised, now drops digitally signed malware

Almost one month ago we blogged about popular Chef Jamie Oliver having his website hacked and serving malware. The issue was quickly resolved following our disclosure and Jamie Oliver’s management team...


107 The Need for Pro active Defense and Threat Hunting Within Organizations...

The video for the presentation is here https://www.youtube.com/watch?v=751bkSD2Nn8&t=1m35s and the slides are...


T-Pot: A Multi-Honeypot Platform

We created a honeypot platform, which is based on the well-established honeypots glastopf, kippo, honeytrap and dionaea, the network IDS/IPS suricata, elasticsearch-logstash-kibana, ewsposter and some...


Tango- Honeypot Intelligence with Splunk

Tango is a set of scripts and Splunk apps which help organizations and users quickly and easily deploy honeypots and then view the data and analysis of the attacker sessions. There are two scripts...
