(IN)SECURE Magazine Issue #42 Released
June 30th, 2014 📆 | 3281 Views ⚑
(IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics. Table of contents:
Share this on Email
Monthly Archives: June 2014
Tagged with: issue • magazine • released • secure
Remote Code Execution Vulnerabilty in Disqus Leaves Millions of Blogs Vulnerable
June 30th, 2014 📆 | 2256 Views ⚑
The security team at the security firm Sucuri discovered a critical Remote Code Execution (RCE) flaw while analyzing some custom
Tagged with: disqus • execution • leaves • millions • remote • vulnerabilty
Dradis v2.9 – Information Sharing For Security Assessments
June 28th, 2014 📆 | 3412 Views ⚑
Dradis is an open source framework to enable effective information sharing, specially during security assessments. It’s a tool specifically to
Tagged with: assessments • dradis • information • security • sharing
The Mole – Automatic SQL Injection Exploitation Tool
June 28th, 2014 📆 | 2271 Views ⚑
The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on
Tagged with: automatic • exploitation • injection
Zero-Day TimThumb WebShot Vulnerability leaves Thousands of WordPress Blogs at Risk
June 26th, 2014 📆 | 3398 Views ⚑
The critical vulnerability discovered by Pichaya Morimoto in the TimThumb WordPress plugin version 2.8.13, resides in its “Webshot” feature that,
Tagged with: leaves • thousands • timthumb • vulnerability • webshot • wordpress
Researchers Find and Decode the Spy Tools Governments Use to Hijack SmartPhones
June 25th, 2014 📆 | 2287 Views ⚑
Researchers from the Citizen Lab at the Munk School of Global Affairs at the University of Toronto and computer security
Tagged with: decode • governments • hijack • researchers • smartphones • tools
Codesake::Dawn – Static Code Analysis Security Scanner For Ruby
June 24th, 2014 📆 | 2827 Views ⚑
Codesake::Dawn is a source code scanner designed to review your code for security issues. Basically a static analysis security scanner
Tagged with: analysis • codesake • scanner • security • static
Google takes OpenSSL and turns it into BoringSSL, Another Flavor of OpenSSL
June 24th, 2014 📆 | 8596 Views ⚑
The biggest Internet giant Google is launching a new fork of OpenSSL, which they dubbed as BoringSSL, developed by its
Tagged with: another • boringssl • google • openssl • takes • turns
Hexorbase – Multiple Database Management and Audit Tool
June 23rd, 2014 📆 | 2925 Views ⚑
HexorBase is a database application designed for administering and auditing multiple database servers simultaneously from a centralized location, it is
Tagged with: audit • database • hexorbase • management • multiple
HackPorts – Mac OS X Penetration Testing Framework and Tools
June 22nd, 2014 📆 | 3193 Views ⚑
HackPorts was developed as a penetration testing framework with accompanying tools and exploits that run natively on Mac platforms. HackPorts
Tagged with: framework • hackports • penetration • testing • tools
Source Code Hosting Service Code Spaces Deleted By Hacker
June 21st, 2014 📆 | 1936 Views ⚑
Code Spaces, a code-hosting and software collaboration platform used by different organizations for project management and development needs, was forced
Tagged with: deleted • hacker • hosting • service • source • spaces
PlayDrone Tool found Thousands of secret keys in Play Store Android apps
June 21st, 2014 📆 | 3256 Views ⚑
A team of researchers from the computer science department of the Columbia University have discovered a critical security problem in
Tagged with: android • found • playdrone • secret • store • thousands
ArchAssault – Arch Linux ISO for Penetration Testers
June 19th, 2014 📆 | 4659 Views ⚑
The ArchAssault Project is an Arch Linux derivative for penetration testers, security professionals and all-around Linux enthusiasts. This means we
Tagged with: archassault • linux • penetration • testers
Hooker – Automated Dynamic Analysis of Android Applications
June 19th, 2014 📆 | 1975 Views ⚑
Hooker is an opensource project for dynamic analysis of Android applications. This project provides various tools and applications that can
Tagged with: analysis • android • applications • automated • dynamic • hooker
Millions of LinkedIn Users at Risk of Man-in-the-Middle Attack
June 19th, 2014 📆 | 2429 Views ⚑
The popular professional network, LinkedIn has left hundreds of millions of its users exposed to Man-in-the-Middle (MitM) attack due to
Tagged with: attack • linkedin • middle • millions • users
XML Schema, DTD, and Entity Attacks A Compendium of Known Techniques
June 18th, 2014 📆 | 5034 Views ⚑
core feature of XML is the ability to define and validate document structure using schemas and document type lead to
Tagged with: attacks • compendium • entity • known • schema • techniques
SHODAN – Expose Online Devices Wind Turbines, Power Plants & More!
June 17th, 2014 📆 | 3133 Views ⚑
SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some
Tagged with: devices • expose • online • power • shodan • turbines
Feedly Knocked Offline by DDoS Attack after refusing extortion demands
June 12th, 2014 📆 | 8031 Views ⚑
Feedly is a very popular RSS feed service which is available for desktop, iOS and Android devices with around 15
Tagged with: after • attack • feedly • knocked • offline • refusing
OWASP Mantra – Browser Based Security Framework
June 10th, 2014 📆 | 3895 Views ⚑
OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy
Tagged with: based • browser • framework • mantra • owasp • security
vulnerabilities discovered in Linux kernel that may lead to a DoS or privilege escalation
June 7th, 2014 📆 | 2925 Views ⚑
A privilege escalation vulnerability has been identified in the widely used Linux kernel that could allow an attackers to take
Tagged with: discovered • escalation • kernel • linux • privilege • vulnerabilities
ByWaf – Web Application Penetration Testing Framework
June 6th, 2014 📆 | 4549 Views ⚑
ByWaf is a Web Application Penetration Testing Framework (WAPTF). It consists of a command-line interpreter and a set of plugins.
Tagged with: application • bywaf • framework • penetration • testing
OpenSSL Vulnerable to Man-in-the-Middle Attack , other Six new bugs
June 5th, 2014 📆 | 4354 Views ⚑
Remember OpenSSL Heartbleed vulnerability? Several weeks ago, the exposure of this security bug chilled the Internet, revealed that millions of
Tagged with: attack • middle • openssl • other • vulnerable
GnuTLS Flaw Leaves SSL Clients Vulnerable to Remote Code Execution
June 4th, 2014 📆 | 5772 Views ⚑
The bug (CVE-2014-3466) was independently discovered by Joonas Kuorilehto of security firm Codenomicon, the same security firm who discovered the
Tagged with: clients • execution • gnutls • leaves • remote • vulnerable
Shellter v1.0 – A Dynamic ShellCode Injector
June 4th, 2014 📆 | 3889 Views ⚑
Shellter is a dynamic shellcode injection tool aka dynamic PE infector. It can be used in order to inject shellcode
Tagged with: dynamic • injector • shellcode • shellter
12
-
-
Popular
Cyber Attack: Ransomware causing chaos globally… April 5, 2019 Tens of thousands of organisations have been caught out by…
Game of Thrones stream: Season 8 episode 1 streams… April 15, 2019 The eighth and final season of Game of Thrones is…
WWE star Lana’s Snapchat hacked with sex tape April 18, 2019 WWE star Lana appeared to be hacked Wednesday, when an…
Ripple Price Analysis: When Will XRP Finally Break Out? April 18, 2019 XRP has a commanding hold of the no. 3 spot…
Start Hacking Today! April 1, 2019 Watch this ethical hacking tutorial today to see how and…
Prueba de penetración – Pentest March 31, 2019 El pentest como herramienta de diagnóstico eficaz. Para mayor información…
Atlassian Confluence SSRF / Remote Code Execution March 25, 2019 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512This email refers to the advisory…
AMAZING STREET HACK March 31, 2019 An amazing smartphone app turns common people into powerful hackers…
Latest
-
0day.today Agreement – 0day.today Exploit Database : vulnerability : 0day : new exploits : buy and sell private exploit : shellcode by 0day Today Team
April 21st | by
-
About Hacking ( Pengertian Hacking, Cracking, Carding, dan Defacing )
April 21st | by
-
atftp 0.7.1 tftpd_file.c Crafted Packet memory corruption
April 21st | by
-
0day.today Agreement – 0day.today Exploit Database : vulnerability : 0day : new exploits : buy and sell private exploit : shellcode by 0day Today Team
April 21st | by
-
atftp up to 0.7.0 tftpd_list.c denial of service
April 21st | by
-
How to Exploit Metasploitable 2 with NMap, Nexpose, Nessus and Metasploit
April 21st | by
-
0day.today Agreement – 0day.today Exploit Database : vulnerability : 0day : new exploits : buy and sell private exploit : shellcode by 0day Today Team
April 21st | by
-
Streamex Platform Takes Crypto Trading to the Next Level
April 21st | by
-
ROCBOSS 2.2.1 POST Request PostController.php doReward score sql injection
April 21st | by
Comments