[RHSA-2013:0671-01] Moderate: openstack-packstack security and bug fix update
Red Hat Security Advisory. Synopsis: Moderate:...
Ransomware false advertising
The AVG Web Threats Research group found a redesign of a recent ransomware page that claims the scam has dealings with most of the major anti-virus companies in the world, including AVG. The malicious...
[waraxe-2013-SA#099] - Update Spoofing Vulnerability in LibreOffice 4.0.1.2
Author: Janek Vind "waraxe". Date: 21. March...
Metasploit: Apache Struts ParametersInterceptor Remote Code Execution
# This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of...
IE/Firefox Redirection Issue – FB Oauth2 Bypass – BugCrowd
1- IE/Firefox – Page Redirection Hijack. Several weeks ago, I reported an interesting PoC via my Twitter in which I had created a web page that stops Firefox and IE browsers from redirecting users to their...
Fake Zendesk security notice spammed out, directs traffic to Canadian drug...
I'm always on the lookout for breaking news about companies who might have had their systems hacked, so when I received the following email earlier today my interest was piqued. Its subject line was "An...
New version of HookMe released (0.2.1.0b)- Tool designed for intercepting...
File: 0.2.1.0b.zip 124 KB. Description: Changelog: - Now it allows to choose what API functions to hook - More stability - Minor features - Minor fixes. SHA1 Checksum: 3c3656b970c106491b01f168bccf1d4551cfafd8...
US-CERT Current Activity - Recent Reports of DHS-Themed Ransomware (UPDATE)
National Cyber Awareness System. Recent Reports of DHS-Themed Ransomware (UPDATE). Original release date: March 21, 2013 | Last revised: March 22, 2013. US-CERT...
mod_ruid2 before 0.9.8
mod_ruid2 is a suexec style module for apache 2.0, 2.2 and 2.4, based on mod_ruid and mod_suid2 that allows the Apache webserver to run under the UID and GID of the user account that controls a...
vBulletin 3.6 Nulled by NightNing Remote File Disclosure
#Exploit Title: vBulletin 3.6 Nulled by NightNing Remote File Disclosure #Exploit Author: D35m0nd142 #Date: 21/03/2013 #Vendor Homepage: http://www.vbulletin.com/ #Tested on: vBulletin 3.6.7 #Demo Website:...
Mageia release 2 (32bit) sock_diag_handlers Local root exploit
/* Exploit Title: Mageia release 2 (32bit) sock_diag_handlers Local root exploit Date: 22-03-2013 Exploit Author: y3dips@echo.or.id | @y3dips Vendor Homepage: http://www.mageia.org/en/ Software Link:...
LiveAdmin
# LiveAdmin <- Local File Include Vulnerability # Author : ByEge # Author Blog :...
Free Hosting Manager v2.0.2 Multiple SQL Injection Vulnerabilities
# Software : Free Hosting Manager V2.0.2 Multiple SQLi...
Major security hole allows Apple passwords to be reset with only email...
Apple yesterday rolled out two-step verification, a security measure that promises to further shield Apple ID and iCloud accounts from being hijacked. Unfortunately, today a new exploit has been...
Evil Maid Just Got Angrier Why Full-Disk Encryption With TPM is Insecure on...
1 UEFI BIOS; 2 Measured/Trusted Boot; 3 The Real World: Bypassing Measured/Trusted Boot; 4 Windows BitLocker with TPM; 5 Secure Boot...
More 10 Common Mistakes in Memory Analysis (Part 1)
Because we finished the list of 10 common mistakes some time ago, we continue with the “more” series. A year ago we discovered the need to pay attention to differences between 32-bit and 64-bit versions of...
Metasploit: Mutiny Remote Command Execution
# This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of...
Metasploit: KingView Log File Parsing Buffer Overflow
# This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Wordpress Themes - felici XSS Vulnerability
# Title : Wordpress Themes - felici XSS Vulnerability # Date: 2013-03-15 # Software Link: [ N / A ] # Credit: This Bug was found by Asesino04 "The Black Devils" # Tested on: Windows XP SP2 # Category:...
Uploadify v3.0.0 XSS Vulnerability
# Title : Uploadify v3.0.0 XSS Vulnerability # Date: 2013-03-15 # Software Link: http://www.uploadify.com/ # Credit: This Bug was found by Asesino04 "The Black Devils" # Tested on: Windows XP SP2 #...