80 matches found
KLA12010 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, perform cross-site scripting attack, spoof user interface, execute arbitrary code, bypass security restrictions. Bel...
DeimosC2 - A Golang Command And Control Framework For Post-Exploitation
DeimosC2 is a post-exploitation Command & Control C2 tool that leverages multiple communication methods in order to control machines that have been compromised. DeimosC2 server and agents works on, and has been tested on, Windows, Darwin, and Linux. It is entirely written in Golang with a front e...
BabyShark - Basic C2 Server
This is a basic C2 generic server written in Python and Flask. This code has based ideia to GTRS, which uses Google Translator as a proxy for sending commands to the infected host. The BabyShark project aims to centralize reverse connections with agents, creating a way to centralize several types...
Microsoft Adds DNS-Over-HTTPS Support for Windows 10 Insiders
Microsoft has announced the first testable version of DNS-Over-HTTPS DoH support, available for its Windows 10 operating system. Support for the DoH protocol, which Microsoft first announced in November, is available in the Windows 10 Insider Preview Build 19628. This is accessible for members of...
Simplifying the ISP Transition to DNS Encryption
New protocols to encrypt DNS traffic, DNS over HTTPS DoH and DNS over TLS DoT, have been a visible Internet topic for the past two years. Akamai participated in the definition of DoH/DoT standards and recently released support in the high-performance CacheServe resolver. Major features include:...
DNS over HTTPS
DNS over HTTPS DoH is a protocol for performing remote Domain Name System DNS resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks1 by using the HTTPS protocol to...
DNS Encryption at DNS OARC 32
The DNS DNS Operations, Analysis, and Research Center DNS OARC is an organization that, in their own words, works to "improve the security, stability, and understanding of the Internet's DNS infrastructure." They hold regular workshops where deployment experts, software developers, researchers, a...
openSUSE: Security Advisory for MozillaFirefox, MozillaFirefox-branding-SLE (openSUSE-SU-2019:2451-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : MozillaFirefox / MozillaFirefox-branding-SLE (openSUSE-2019-2459)
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues : Changes in MozillaFirefox : Security issues fixed : - CVE-2019-15903: Fixed a heap overflow in the expat library bsc1149429. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB...
openSUSE Security Update : MozillaFirefox / MozillaFirefox-branding-SLE (openSUSE-2019-2451)
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues : Changes in MozillaFirefox : Security issues fixed : - CVE-2019-15903: Fixed a heap overflow in the expat library bsc1149429. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB...
openSUSE: Security Advisory for MozillaFirefox, MozillaFirefox-branding-SLE (openSUSE-SU-2019:2459-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for MozillaFirefox, MozillaFirefox-branding-SLE (important)
openSUSE Security Update: Security update for MozillaFirefox, MozillaFirefox-branding-SLE Announcement ID: openSUSE-SU-2019:2459-1 Rating: important References: 1104841 1129528 1137990 1149429 1151186 1153423 1153869 1154738 Cross-References: CVE-2019-11757 CVE-2019-11758 CVE-2019-11759...
SUSE-SU-2019:2871-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLE
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox: Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library bsc1149429. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB...
curl: Resource leak when using a normal site as DOH server
Summary: If a DOH server is used, which is not really a DOH server but just a normal web server, the DNS request is sent but the reply will not be the expected DNS payload. In that case, curl correctly thinks DNS resolution failed, but it does not clean up allocated memory properly. Steps To...
Google to Experiment 'DNS over HTTPS' (DoH) Feature in Chrome 78
Immediately after Mozilla announced its plan to soon enable 'DNS over HTTPS ' DoH by default for Firefox users in the United States, Google today says it is planning an experiment with the privacy-focused technology in its upcoming Chrome 78. Under development since 2017, 'DNS over HTTPS' perform...
PsiXBot Adds PornModule, Google DNS Service to Its Arsenal
The PsiXBot malware has made a few changes in recent weeks, including implementing Google’s DNS over HTTPS DoH and adding the blackmail-ready “PornModule” to its bag of tricks. PsiXBot is a multi-use Windows malware that has a range of capabilities, including keylogging, stealing passwords and...
Google Announces DNS over HTTPS 'General Availability'
Google announced general availability of its Public DNS-over-HTTPS service Wednesday, based on the Internet Engineering Task Force’s RFC 8484 standard. The move is a culmination of three years of Google fine-tuning DNS over HTTPS, otherwise known as DoH. “Today we are announcing general...
CVE-2018-1000665
CVE-2018-1000665 affects the Dojo Dojo Objective Harness (DOH) prior to version 1.14. The vulnerability is an XSS in unit.html and related tests (testsDOH/_base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/_base/i18nExhaustive.js) that can cause a victim’s browser to execute injected s...
CVE-2018-1000665
Dojo Dojo Objective Harness DOH version prior to version 1.14 contains a Cross Site Scripting XSS vulnerability in unit.html and testsDOH/base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/base/i18nExhaustive.js in the DOH that can result in Victim attacked through their browser - deliv...
playdoh.hasbro.com XSS vulnerability
Vulnerable URL: https://playdoh.hasbro.com/en-gb/video/Play-Doh-Animated-Short---Ant-Farm?playlistid=4702548390001=%3C/script%3E%22%3E%3Csvg/onload=alert/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...