Lucene search
+L

51 matches found

The Hacker News
The Hacker News
added 2023/03/29 11:43 a.m.2 views

4 Steps to Creating a Powerful Research Lab for Reverse Engineering

However, manual lab setup and configuration can prove to be a laborious and time-consuming process. In this article, we'll look at 4 ways to create a reverse engineering lab, discuss how to save time, and, potentially, improve the detection rate using a sandbox-as-a-service, and a recommended lis...

6.8AI score
Exploits0
Fedora
Fedora
added 2022/12/11 1:27 a.m.45 views

[SECURITY] Fedora 37 Update: bcel-6.5.0-3.fc37

The Byte Code Engineering Library formerly known as JavaClass is intended to give users a convenient possibility to analyze, create, and manipulate binary Java class files those ending with .class. Classes are represented by objects which contain all the symbolic information of the given class:...

9.8CVSS1AI score0.02836EPSS
Exploits0
CVE
CVE
added 2022/02/09 10:5 p.m.95 views

CVE-2022-22544

SAP Solution Manager 720’s Diagnostics Root Cause Analysis Tool suffers from insufficient access control, enabling an administrator to execute code on all connected Diagnostics Agents and browse their files. This could allow an attacker with admin privileges to control managed systems, leading to...

9.1CVSS9.3AI score0.01399EPSS
Exploits0References2Affected Software1
Gitee
Gitee
added 2021/03/07 7:11 p.m.4 views

Software-Security-Learning

It is an offensive tool for binary exploitation. The primary CVE ID is not explicitly mentioned, but the repository contains information on various software security topics, including binary exploitation. The target product/service or framework is not specified, but the repository includes tools...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/02/02 10:13 a.m.5 views

Sigma Rules to Live Your Best SOC Life

Security Operations is a 24 x 7 job. It does not stop for weekends or holidays or even that much-needed coffee break after the first hour of the shift is complete. We all know this. Every SOC engineer is hoping for some rest at some point. One of my favorite jokes when talking about Security...

5.9AI score
Exploits0
CNVD
CNVD
added 2020/04/08 12:0 a.m.2 views

Unspecified Vulnerability in HCL Technologies AppScan Standard Edition

HCL Technologies AppScan Standard Edition is a suite of dynamic analysis testing tools from HCL Technologies, India, which is primarily used for web security testing. HCL Technologies AppScan Standard Edition suffers from an unspecified vulnerability that stems from an incorrect account lockout...

9.8CVSS6.9AI score0.01032EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2020/01/16 3:0 p.m.42 views

Introducing Microsoft Application Inspector

Modern software development practices often involve building applications from hundreds of existing components, whether they’re written by another team in your organization, an external vendor, or someone in the open source community. Reuse has great benefits, including time-to-market, quality, a...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2020/01/09 8:50 p.m.39 views

TuxResponse - Linux Incident Response

TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems and enable you to triage systems quickly, while not compromising with the results. Usually corporate systems would have some kind of monitoring and control, but...

7.2AI score
Exploits0References1
Talos Blog
Talos Blog
added 2019/06/05 12:45 a.m.548 views

It's alive: Threat actors cobble together open-source pieces into monstrous Frankenstein campaign

This blog was authored by Danny Adamitis, David Maynor and Kendall McKay. Executive summary Cisco Talos recently identified a series of documents that we believe are part of a coordinated series of cyber attacks that we are calling the "Frankenstein" campaign. We assess that the attackers carried...

9.3CVSS8.8AI score0.99945EPSS
Exploits33
Schneier on Security
Schneier on Security
added 2019/05/08 11:3 a.m.61 views

Malicious MS Office Macro Creator

Evil Clippy is a tool for creating malicious Microsoft Office macros: At BlackHat Asia we released Evil Clippy, a tool which assists red teamers and security testers in creating malicious MS Office documents. Amongst others, Evil Clippy can hide VBA macros, stomp VBA code via p-code and confuse...

2.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2019/04/12 11:25 a.m.55 views

New Version of Flame Malware Discovered

Flame was discovered in 2012, linked to Stuxnet, and believed to be American in origin. It has recently been linked to more modern malware through new analysis tools that find linkages between different software. Seems that Flame did not disappear after it was discovered, as was previously though...

2AI score
Exploits0
n0where
n0where
added 2018/04/08 3:0 p.m.23 views

Network Security Monitoring: Security Onion

Network Security Monitoring NSM is, put simply, monitoring your network for security related events. It might be proactive, when used to identify vulnerabilities or expiring SSL certificates, or it might be reactive, such as in incident response and network forensics. Whether you’re tracking an...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2017/07/17 2:9 p.m.10 views

FreeRADIUS Update Patches Bugs Static Analysis Tools Missed

FreeRADIUS, the popular open source RADIUS server, today published updates that include fixes for a number of security issues uncovered by a custom fuzzer built by Dutch researcher Guido Vranken. Vranken used a custom version of libFuzzer to find a handful of serious bugs in OpenVPN that were...

0.1AI score
Exploits0References3
Kitploit
Kitploit
added 2017/05/30 3:30 p.m.19 views

Faraday v2.5 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...

7.1AI score
Exploits0References2
CNVD
CNVD
added 2017/05/03 12:0 a.m.5 views

GNU Binutils Buffer Overflow Vulnerability (CNVD-2017-06998)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. GNU Binutils suffers from a buffer...

7.5CVSS8AI score0.01968EPSS
Exploits0References1
OSV
OSV
added 2017/05/01 6:59 p.m.2 views

UBUNTU-CVE-2017-8397

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing relocs with negative addresses. This vulnerability causes programs that conduct an...

7.5CVSS6.9AI score0.01846EPSS
Exploits0References3
OSV
OSV
added 2017/05/01 6:59 p.m.4 views

UBUNTU-CVE-2017-8398

dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash...

7.5CVSS6.9AI score0.01968EPSS
Exploits0References3
n0where
n0where
added 2017/02/13 9:0 p.m.33 views

Malware Information Sharing Platform: MISP

Malware Information Sharing Platform MISP, Malware Information Sharing Platform and Threat Sharing, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is...

6.8AI score
Exploits0References7
n0where
n0where
added 2016/12/07 6:19 a.m.26 views

Malware Analysis Windows VM: Malboxes

Malware Analysis Windows VM Vagrant box builder and config generator for malware analysis. The malware battle online is far from being over. Several thousands of new malware binaries are collected by antivirus companies every day. Most organizations don’t have the expertise on staff to know if th...

0.2AI score
Exploits0References2
Exploit DB
Exploit DB
added 2016/10/24 12:0 a.m.32 views

EC-CUBE 2.12.6 - Server-Side Request Forgery

Exploit Title: EC-CUBE 2.12.6 Server-Side Request Forgery Date: 22/10/16 Exploit Author: Wad Deek Vendor Homepage: http://en.ec-cube.net/ Software Link: http://en.ec-cube.net/download/ Version: 2.12.6en-p1 Tested on: Xampp on Windows7 Fuzzing tool:...

7.4AI score
Exploits0
Rows per page
Query Builder