51 matches found
4 Steps to Creating a Powerful Research Lab for Reverse Engineering
However, manual lab setup and configuration can prove to be a laborious and time-consuming process. In this article, we'll look at 4 ways to create a reverse engineering lab, discuss how to save time, and, potentially, improve the detection rate using a sandbox-as-a-service, and a recommended lis...
[SECURITY] Fedora 37 Update: bcel-6.5.0-3.fc37
The Byte Code Engineering Library formerly known as JavaClass is intended to give users a convenient possibility to analyze, create, and manipulate binary Java class files those ending with .class. Classes are represented by objects which contain all the symbolic information of the given class:...
CVE-2022-22544
SAP Solution Manager 720’s Diagnostics Root Cause Analysis Tool suffers from insufficient access control, enabling an administrator to execute code on all connected Diagnostics Agents and browse their files. This could allow an attacker with admin privileges to control managed systems, leading to...
Software-Security-Learning
It is an offensive tool for binary exploitation. The primary CVE ID is not explicitly mentioned, but the repository contains information on various software security topics, including binary exploitation. The target product/service or framework is not specified, but the repository includes tools...
Sigma Rules to Live Your Best SOC Life
Security Operations is a 24 x 7 job. It does not stop for weekends or holidays or even that much-needed coffee break after the first hour of the shift is complete. We all know this. Every SOC engineer is hoping for some rest at some point. One of my favorite jokes when talking about Security...
Unspecified Vulnerability in HCL Technologies AppScan Standard Edition
HCL Technologies AppScan Standard Edition is a suite of dynamic analysis testing tools from HCL Technologies, India, which is primarily used for web security testing. HCL Technologies AppScan Standard Edition suffers from an unspecified vulnerability that stems from an incorrect account lockout...
Introducing Microsoft Application Inspector
Modern software development practices often involve building applications from hundreds of existing components, whether they’re written by another team in your organization, an external vendor, or someone in the open source community. Reuse has great benefits, including time-to-market, quality, a...
TuxResponse - Linux Incident Response
TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems and enable you to triage systems quickly, while not compromising with the results. Usually corporate systems would have some kind of monitoring and control, but...
It's alive: Threat actors cobble together open-source pieces into monstrous Frankenstein campaign
This blog was authored by Danny Adamitis, David Maynor and Kendall McKay. Executive summary Cisco Talos recently identified a series of documents that we believe are part of a coordinated series of cyber attacks that we are calling the "Frankenstein" campaign. We assess that the attackers carried...
Malicious MS Office Macro Creator
Evil Clippy is a tool for creating malicious Microsoft Office macros: At BlackHat Asia we released Evil Clippy, a tool which assists red teamers and security testers in creating malicious MS Office documents. Amongst others, Evil Clippy can hide VBA macros, stomp VBA code via p-code and confuse...
New Version of Flame Malware Discovered
Flame was discovered in 2012, linked to Stuxnet, and believed to be American in origin. It has recently been linked to more modern malware through new analysis tools that find linkages between different software. Seems that Flame did not disappear after it was discovered, as was previously though...
Network Security Monitoring: Security Onion
Network Security Monitoring NSM is, put simply, monitoring your network for security related events. It might be proactive, when used to identify vulnerabilities or expiring SSL certificates, or it might be reactive, such as in incident response and network forensics. Whether you’re tracking an...
FreeRADIUS Update Patches Bugs Static Analysis Tools Missed
FreeRADIUS, the popular open source RADIUS server, today published updates that include fixes for a number of security issues uncovered by a custom fuzzer built by Dutch researcher Guido Vranken. Vranken used a custom version of libFuzzer to find a handful of serious bugs in OpenVPN that were...
Faraday v2.5 - Collaborative Penetration Test and Vulnerability Management Platform
Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...
GNU Binutils Buffer Overflow Vulnerability (CNVD-2017-06998)
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. GNU Binutils suffers from a buffer...
UBUNTU-CVE-2017-8397
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing relocs with negative addresses. This vulnerability causes programs that conduct an...
UBUNTU-CVE-2017-8398
dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash...
Malware Information Sharing Platform: MISP
Malware Information Sharing Platform MISP, Malware Information Sharing Platform and Threat Sharing, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is...
Malware Analysis Windows VM: Malboxes
Malware Analysis Windows VM Vagrant box builder and config generator for malware analysis. The malware battle online is far from being over. Several thousands of new malware binaries are collected by antivirus companies every day. Most organizations don’t have the expertise on staff to know if th...
EC-CUBE 2.12.6 - Server-Side Request Forgery
Exploit Title: EC-CUBE 2.12.6 Server-Side Request Forgery Date: 22/10/16 Exploit Author: Wad Deek Vendor Homepage: http://en.ec-cube.net/ Software Link: http://en.ec-cube.net/download/ Version: 2.12.6en-p1 Tested on: Xampp on Windows7 Fuzzing tool:...