639 matches found

ThreatPost
added 2013/09/16 1:33 p.m., 9 views

Dropbox installations hinder effectiveness of ASLR.

UPDATE: The popular cloud storage service Dropbox was reportedly undercutting the efficacy of address space layout randomization (ASLR) by failing to enable that feature within the dynamic link libraries (DLLs) it injects into other applications. The company now claims it has resolved the issue. Graha...

0.4 AI score
Exploits: 0 | References: 3

Packet Storm
added 2013/09/14 12:0 a.m., 32 views

WordPress Simple Dropbox 1.8.8 Shell Upload

Exploit Title : Wordpress Simple Dropbox Upload plugin File Upload Exploit Author : Ashiyane Digital Security Team Download Link : http://wordpress.org/plugins/simple-dropbox-upload-form/ Home : www.Ashiyane.org Version : 1.8.8 Security Risk : High Dork :...

0.1 AI score
Exploits: 0

The Hacker News
added 2013/09/12 8:5 a.m., 6 views

Kaspersky revealed "Kimsuky" Cyber Espionage campaign targeting South Korea

Russian Security Firm Kaspersky Lab has revealed that it has been following a sustained attack on South Korea by hackers seemingly based in North Korea. This new Cyber Espionage campaign dubbed "Kimsuky" has targeted several South Korean think tanks. Researchers believe the Kimsuky malware is mo...

7.1 AI score
Exploits: 0

The Hacker News
added 2013/09/11 9:5 p.m., 27 views

Kaspersky revealed "Kimsuky" Cyber Espionage campaign targeting South Korea

Russian Security Firm Kaspersky Lab has revealed that it has been following a sustained attack on South Korea by hackers seemingly based in North Korea. This new Cyber Espionage campaign dubbed "Kimsuky" has targeted several South Korean think tanks. Researchers believe the Kimsuky malware is mo...

7.1 AI score
Exploits: 0

ThreatPost
added 2013/08/29 4:4 p.m., 9 views

Researchers Reverse Engineer Dropbox

Researchers have cracked open cloud storage service Dropbox, reverse engineering the encryption protecting the client in order to open it up to further security analysis. The engineers, Dhiru Kholia of Openwall and Przemyslaw Wegrzyn of CodePainters, also managed to demonstrate how to use...

1.3 AI score
Exploits: 0 | References: 2

exploitpack
added 2013/07/16 12:0 a.m., 20 views

Olive File Manager 1.0.1 iOS - Multiple Vulnerabilities

Olive File Manager 1.0.1 iOS - Multiple Vulnerabilities Title: ====== Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities Date: ===== 2013-07-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1009 VL-ID: ===== 1009 Common Vulnerability Scoring System:...

0.3 AI score
Exploits: 0

Vulnerability Lab
added 2013/07/12 12:0 a.m., 29 views

Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities

Document Title: =============== Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1009 Release Date: ============= 2013-07-12 Vulnerability Laboratory ID VL-ID: ====================================...

0.4 AI score
Exploits: 0

Packet Storm
added 2013/07/08 12:0 a.m., 49 views

AOL Instant Messenger 8.0.1.5 Binary Planting

!/bin/bash AOL Instant Messenger 8.0.1.5 Jul 2013 Exploit Windows XP/7 tested and working. Leverages binary file planting to My Documents via AIMs advertisement code. Little social engineering built in using javascript to try to get them to run the AIMInstall.exe. Starts a reverse shell back to...

0.1 AI score
Exploits: 0

The Hacker News
added 2013/07/05 2:4 p.m., 10 views

Hacking DropBox account, Vulnerability allows hacker to bypass Two-Factor Authentication

Q-CERT team found a critical vulnerability that allows the attacker to bypass the two-factor authentication in the most popular file sharing service 'DropBox'. Two Factor Authentication is an extra layer of security that is known as "multi factor authentication" that requires not only a password...

7.4 AI score
Exploits: 0

The Hacker News
added 2013/07/05 3:4 a.m., 24 views

Hacking DropBox account, Vulnerability allows hacker to bypass Two-Factor Authentication

Q-CERT team found a critical vulnerability that allows the attacker to bypass the two-factor authentication in the most popular file sharing service 'DropBox'. Two Factor Authentication is an extra layer of security that is known as “multi factor authentication” that requires not only a password...

7.4 AI score
Exploits: 0

ThreatPost
added 2013/05/13 10:52 a.m., 47 views

USAID a Target of DoL Watering Hole Attackers

One of the nine sites serving malware tied to the recent watering hole attack on the U.S. Department of Labor was located in Cambodia and has ties to the United States Agency for International Development (USAID). Speculation has it that the DoL attack was targeting downstream employees at the...

9.3 CVSS | 8.8 AI score | 0.77889 EPSS
Exploits: 11 | References: 4

securityvulns
added 2013/05/06 12:0 a.m., 92 views

WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability

The WordPress plugin Advanced XML Reader v0.3.4 published here: http://wordpress.org/extend/plugins/advanced-xml-reader/ is susceptible to XXE (XML eXternal Entity) processing attacks. After installing the plugin on a Windows machine, I created a text file in the root of C: named "test.txt", which...

6.8 AI score
Exploits: 0

0day.today
added 2013/05/03 12:0 a.m., 26 views

WordPress Advanced XML Reader 0.3.4 XXE Injection Vulnerability

WordPress Advanced XML Reader plugin version 0.3.4 suffers from a XXE (XML eXternal Entity) injection vulnerability. The WordPress plugin Advanced XML Reader v0.3.4 published here: http://wordpress.org/extend/plugins/advanced-xml-reader/ is susceptible to XXE (XML eXternal Entity) processing attacks...

7.5 AI score
Exploits: 0

Packet Storm
added 2013/05/02 12:0 a.m., 20 views

WordPress Advanced XML Reader 0.3.4 XXE Injection

The WordPress plugin Advanced XML Reader v0.3.4 published here: http://wordpress.org/extend/plugins/advanced-xml-reader/ is susceptible to XXE (XML eXternal Entity) processing attacks. After installing the plugin on a Windows machine, I created a text file in the root of C:\ named "test.txt", which...

0.1 AI score
Exploits: 0

ThreatPost
added 2013/04/10 6:55 p.m., 9 views

Microsoft Reportedly Adding Two-Factor Authentication to User Accounts

Microsoft reportedly will implement two-factor authentication on users’ accounts at some point down the line, according to reports this week. Microsoft fansite Liveside.net first reported about the company’s plans yesterday with a blog post that includes a handful of screenshots from the purporte...

7.1 AI score
Exploits: 0 | References: 3

ThreatPost
added 2013/04/04 5:47 p.m., 10 views

Skype, Dropbox Patch Critical Facebook Authentication Bugs

UPDATE: Popular applications Skype and Dropbox fixed holes in their websites this week that could have allowed an attacker to gain control of users’ Facebook accounts. In what’s technically being referred to as an “open direct vulnerability,” both applications failed to validate sites before sendi...

0.8 AI score
Exploits: 0 | References: 8

The Hacker News
added 2013/04/04 4:47 p.m., 5 views

URL Redirection flaw in Facebook apps push OAuth vulnerability again in action

In earlier posts, our Facebook hacker 'Nir Goldshlager' exposed two serious Facebook oAuth Flaws. One, Hacking a Facebook account even without the user installing an application on their account and second, various ways to bypassing the regex protection in Facebook OAuth. This time, Nir illustrat...

6.9 AI score
Exploits: 0

exploitpack
added 2013/03/06 12:0 a.m., 42 views

Remote File Manager 1.2 iOS - Multiple Vulnerabilities

Remote File Manager 1.2 iOS - Multiple Vulnerabilities Title: ====== Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities Date: ===== 2013-02-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=882 VL-ID: ===== 882 Common Vulnerability Scoring System:...

0.3 AI score
Exploits: 0

Packet Storm
added 2013/03/05 12:0 a.m., 34 views

Remote File Manager 1.2 XSS / Local File Inclusion

Title: ====== Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities Date: ===== 2013-02-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=882 VL-ID: ===== 882 Common Vulnerability Scoring System: ==================================== 6.1 Introduction: ============...

7.4 AI score
Exploits: 0

ThreatPost
added 2013/03/01 4:35 p.m., 8 views

Dropbox Users Reporting More Spam Following Last Summer's Breach

It appears the breach of cloud-based storage service Dropbox last year has spurned another wave of spam over the last week or so. Users began posting complaints on the service’s Bugs and Troubleshooting forum yesterday claiming that their Dropbox-specific accounts started receiving spam again las...

0.6 AI score
Exploits: 0 | References: 8