345 matches found
Credit Card Data and Other Information Targeted in Netflix Phishing Campaign
Introduction Through FireEye’s Email Threat Prevention ETP solution, FireEye Labs discovered a phishing campaign in the wild targeting the credit card data and other personal information of Netflix users primarily based in the United States. This campaign is interesting because of the evasion...
Credit Card Data and Other Information Targeted in Netflix Phishing Campaign
Introduction Through FireEye’s Email Threat Prevention ETP solution, FireEye Labs discovered a phishing campaign in the wild targeting the credit card data and other personal information of Netflix users primarily based in the United States. This campaign is interesting because of the evasion...
Credit Card Data and Other Information Targeted in Netflix Phishing Campaign
Introduction Through FireEye’s Email Threat Prevention ETP solution, FireEye Labs discovered a phishing campaign in the wild targeting the credit card data and other personal information of Netflix users primarily based in the United States. This campaign is interesting because of the evasion...
CVE-2016-4028
An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. The OX Guard API acts as a padding oracle by responding with different error codes depending on whether the provided token matches the...
CVE-2016-7440
The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...
Design/Logic Flaw
The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...
CVE-2016-7440
The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...
CVE-2016-7440
The CVE-2016-7440 issue affects the wolfSSL (formerly CyaSSL) C library’s AES Encryption/Decryption implementation prior to 3.9.10. The vulnerability enables local users to potentially discover AES keys by exploiting cache-bank timing differences during AES operations. The available connected doc...
CVE-2016-7440
Disclaimer: This data contains information about vulnerable...
MariaDB 10.1.0 < 10.1.19 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.1.19. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.1.19 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client mysqldump. Supported versions that are affected...
CVE-2016-7440
The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...
UBUNTU-CVE-2016-7440
The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...
Wireless Keyboard Set LX901 GK900 Replay Attack
Exploit for multiple platform in category local exploits Product: Wireless Keyboard Set LX901 Manufacturer: Fujitsu Affected Versions: Model No. GK900 Tested Versions: Model No. GK900 Vulnerability Type: Cryptographic Issues CWE-310 Missing Protection against Replay Attacks Risk Level: Medium...
MorphAES - IDPS & SandBox & AntiVirus STEALTH KILLER
MorphAES is the world's first polymorphic shellcode/malware engine, with metamorphic properties and capability to bypass sandboxes, which makes it undetectable for an IDPS, it's cross-platform as well and library-independent. Properties: Polymorphism AES encryption Metamorphism logic and constant...
Microsoft Windows PDF Library AES Encryption Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2016-4437
Apache Shiro before 1.2.5, when a cipher key has not been configured for the “remember me” feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter. Recent assessments: sv3nbeast at April 17, 2020 12:15pm UTC reported: ...
Petya Ransomware Installs Mischa As Failsafe
The Petya ransomware strain signaled a new escalation for crypto-malware when it surfaced in March. For the first time, ransomware went beyond encrypting files on local and shared drives and instead set its sights on locking up the Master File Table on compromised machines. Petya did have its...
Windows 2008 GPP exploit-vulnerability warning-the black bar safety net
The test environment Windows 7 ordinary members of the domain Windows 2008 domain controller The first deployment of the GPP, here my deployment strategy is to the domain members are added to a test user, the password is test123 ! Add a local user ! Then came the Group Policy Management ! Will th...
CVE-2015-8253
The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive 1 message or 2 MJPEG video data by sniffing the network...
Code injection
The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive 1 message or 2 MJPEG video data by sniffing the network...