54 matches found
Multiple Mozilla Products Cross-Border Write Vulnerability
Mozilla Firefox, Firefox ESR, and Thunderbird are products developed by the Mozilla Foundation.Firefox is an open source web browser, and Firefox ESR is an extended support version of Firefox.Thunderbird is a standalone email client from the Mozilla Thunderbird is a separate email client software...
Google Chrome Cross-Border Access Vulnerability
Google Chrome is a web browser developed by the American company Google Google. Google Chrome suffers from an out-of-bounds access vulnerability. An attacker can exploit this vulnerability to cause out-of-bounds reads and writes, resulting in inline fields e.g., lastIndex being changed to...
Google Android Qualcomm Component Information Disclosure Vulnerability (CNVD-2018-06612)
Android is a Linux-based open source operating system developed by Google and the Open Handheld Alliance OHA, of which Qualcomm WLAN is a wireless LAN component. An information disclosure vulnerability exists in Qualcomm WLAN in Android. An attacker could exploit this vulnerability to obtain...
Multiple Huawei products cross-border read vulnerability (CNVD-2018-02555)
Huawei AR series routers, SRG series routing gateways, NetEngine16EX, and other products from Huawei China. The out-of-bounds read vulnerability exists in multiple Huawei products and is due to the device failing to adequately validate input. A remote attacker could exploit this vulnerability by...
IGF proves the value of bottom-up, multi-stakeholder model in cyberspace policy-making
In December, the Internet Governance Forum IGF brought the world together to talk about the internet. I tend to take a definite interest in cybersecurity, but there were many more important topics discussed. They ranged from diversity in the technology sector through to philosophy in the digital...
Google Chrome V8 out-of-bounds access vulnerability (CNVD-2017-34844)
Google Chrome is the United States Google Google company developed a Web browser. v8 is one of the open source JavaScript engine. A security vulnerability exists in Google Chrome V8. A remote attacker can exploit the vulnerability to cause cross-border access...
Microsoft Windows Server 2008 R2 (x64) - SrvOs2FeaToNt SMB Remote Code Execution (MS17-010)
Microsoft Windows Server 2008 R2 x64 - SrvOs2FeaToNt SMB Remote Code Execution MS17-010 Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Date and time of release: May, 9 2017 - 13:00PM Found this and more exploits on my open source security project: http://www.exploitpack.com...
Google Pleads for Better Cross-Border Exchange of Digital Evidence
Google said it is receiving a growing number of cross-border requests for user data to be used as evidence in criminal prosecutions. The volume of requests is also exposing weaknesses in the existing process for exchanging data between countries called the Mutual Legal Assistance Treaties MLAT,...
NSA Eternalblue SMB vulnerability analysis-vulnerability warning-the black bar safety net
Environment TROJAN: Eternalblue-2.2.0.exe TARGET: win7 sp1 32bits srv.sys 6.1.7601.17514 srvnet.sys 6.1.7601.17514 PATCH: MS17-010 The vulnerability principle srv. sys in the processing SrvOs2FeaListSizeToNt when logic is incorrect resulting in cross-border copy. We first look at the vulnerabilit...
QEMU SCSI Denial of Service Vulnerability
QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in QEMU's SCSI. An attacker could exploit this vulnerability to cause a denial of service crash and cross-border access...
Hacker wanted by FBI held in India For Carding Crimes
Nikhil Kolbekar, aka HellsAngel, was arrested on July 11 in Mumbai, India. Eric Bogle, known as Swat Runs Train, and Justin Mills, or xTGxKAKAROT, were taken into custody in Canada, respectively Colorado, US. HellsAngel and Bogle is suspected of selling complete credit card details, including...
Palestine : Hackers have taken down phone and Internet services
Palestine : Hackers have taken down phone and Internet services The main phone network in the West Bank and Gaza has suffered a sustained attack by computer hackers, the Palestinian Authority PA says. Mashour Abou Daqqa, the Palestinian telecoms minister, said the disruptions, which began Tuesday...
Taiwan Struggles To Combat Attacks From China
Cyber crime, online fraud and copyright infringement are growing rapidly in Taiwan as law enforcement officials, law makers and the courts struggle to stay abreast of the problem, according to a local prosecutor says. In a Webcast presented to students and faculty at Harvard’s Berkman Center for...
Visa: New Tools Could Spot Additional $1.5b In Fraud
Credit card giant Visa Inc. said on Thursday that an update to its anti-fraud technology will make it easier to spot sophisticated credit card fraud that spans national borders. Visa said the update amounted to a major upgrade of Visa Advanced Authentication, the company’s real time risk scoring...