September 24th, 2020 📆 | 4612 Views ⚑
INDUSTRY INSIGHT Want stronger cybersecurity? Start by improving east-west traffic detection By Carolyn Crandall Sep 24, 2020 When it comes
September 22nd, 2020 📆 | 4545 Views ⚑
# Exploit Title: ForensiTAppxService 2.2.0.4 - 'ForensiTAppxService.exe' Unquoted Service Path # Discovery by: Burhanettin Özgenç # Discovery Date: 2020-09-15 #
September 21st, 2020 📆 | 6168 Views ⚑
The US’s Department of Homeland Security (DHS) recently issued a security warning to all government agencies regarding a security exploit
September 18th, 2020 📆 | 8032 Views ⚑
# Exploit Title: Microsoft SQL Server Reporting Services 2016 - Remote Code Execution # Google Dork: inurl:ReportViewer.aspx # Date: 2020-09-17
September 17th, 2020 📆 | 5523 Views ⚑
# Title: Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software # Author: John Page (aka hyp3rlinx) #
September 16th, 2020 📆 | 1642 Views ⚑
*] *]# Exploit Title: Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path # Discovery by: Jok3r # Discovery
September 16th, 2020 📆 | 4366 Views ⚑
# Exploit Title: Rapid7 Nexpose Installer 6.6.39 - 'nexposeengine' Unquoted Service Path # Date: 2020-08-31 # Exploit Author: Angelo D'Amato
September 15th, 2020 📆 | 6824 Views ⚑
+] Title: Windows TCPIP Finger Command – C2 Channel and Bypassing Security Software+] Credits: John Page (aka hyp3rlinx) +] Website:
September 13th, 2020 📆 | 6076 Views ⚑
Russian security firm Kaspersky has published a blog post about the alleged threat to Linux from targeted attacks and so-called
September 12th, 2020 📆 | 5730 Views ⚑
*] *]# Exploit Title: Internet Explorer 11 - Use-After-Free # Google Dork: if applicable # Date: 2020-09-06 # Exploit Author:
September 10th, 2020 📆 | 5883 Views ⚑
# Exploit Title: Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH) # Date: 2020-09-08 # Author: Felipe Winsnes #
September 9th, 2020 📆 | 4359 Views ⚑
# Exploit Title: Input Director 1.4.3 - 'Input Director' Unquoted Service Path # Discovery Date: 2020-09-08 # Response from Input
September 9th, 2020 📆 | 6659 Views ⚑
The CloundExperienceHostBroker hosts unsafe COM objects accessible to a normal user leading to elevation of privilege. Source link
September 9th, 2020 📆 | 1810 Views ⚑
The StorageFolder class when used out of process can bypass security checks to read and write files not allowed to
September 9th, 2020 📆 | 2184 Views ⚑
# Exploit Title: ShareMouse 5.0.43 - 'ShareMouse Service' Unquoted Service Path # Discovery Date: 2020-09-08 # Discovery by: Alan Lacerda
September 4th, 2020 📆 | 1860 Views ⚑
The Windows client for Pulse Secure versions prior to 9.1.6 have a TOCTOU bug that allows an attacker to escalate
September 4th, 2020 📆 | 2135 Views ⚑
# Exploit Title: Nord VPN-6.31.13.0 - 'nordvpn-service' Unquoted Service Path # Discovery Date: 2020-09-03 # Discovery by: chipo # Vendor
September 3rd, 2020 📆 | 3177 Views ⚑
# Exploit Title: BarracudaDrive v6.5 - Insecure Folder Permissions # Exploit Author: Bobby Cooke (boku) & Adeeb Shah (@hyd3sec) #
September 3rd, 2020 📆 | 5888 Views ⚑
Cisco has raised an alert for customers using its Jabber video and instant-messaging client to patch four security flaws, including
September 2nd, 2020 📆 | 8033 Views ⚑
Cyber-security firm ESET has published a report today detailing a new strain of Windows malware that the company has named
September 1st, 2020 📆 | 5240 Views ⚑
Search company Elastic, developer of Elasticsearch and the Elastic Stack, announced recently the release of a beta version that delivers
August 28th, 2020 📆 | 2636 Views ⚑
# Exploit Title: ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow (DEP,ASLR Bypass) (PoC) # Software Link Download:
August 22nd, 2020 📆 | 2269 Views ⚑
The handling of KTM logs does not limit Registry Key operations to the loading hive leading to elevation of privilege.
August 22nd, 2020 📆 | 2431 Views ⚑
The handling of KTM logs when initializing a Registry Hive contains no bounds checks which results in privilege escalation. Source
Cabot 0.11.12 – Persistent Cross-Site Scripting September 7, 2020 # Exploit Title: Cabot 0.11.12 - Persistent Cross-Site Scripting #…
Ubuntu Security Notice USN-4474-1 ≈ Packet Storm August 26, 2020 ==========================================================================Ubuntu Security Notice USN-4474-1August 26, 2020firefox vulnerabilities==========================================================================A security issue affects…
CyberRisk Alliance Acquires Security Weekly September 8, 2020 NEW YORK, Sept. 08, 2020 (GLOBE NEWSWIRE) -- CyberRisk Alliance…
Dominic Cummings’ plan to build UK Google… September 10, 2020 UK Prime Minister Boris Johnson's top adviser, Dominic Cummings, is…
European ISPs report mysterious wave of DDoS attacks September 5, 2020 More than a dozen internet service providers (ISPs) across Europe…Zerologon Proof Of Concept September 17, 2020 Proof of concept exploit for the Windows Zerologon vulnerability as…
Data center giant Equinix discloses ransomware incident September 10, 2020 Image: Equinix Equinix, one of the world's largest providers of…
Comments