Sniffle - A Sniffer For Bluetooth 5 And 4.X LE

Sniffle is a sniffer for Bluetooth 5 and 4.x LE using TI CC1352/CC26x2 hardware. Sniffle has a number of useful features, including: Support for BT5/4.2 extended length advertisement and data packets Support for BT5 Channel Selection Algorithms 1 and 2 Support for all BT5 PHY modes regular 1M, 2M...

How Does One Get Hired by a Top Cybercrime Gang?

The U.S. Department of Justice DOJ last week announced the arrest of a 55-year-old Latvian woman whos alleged to have worked as a programmer for Trickbot, a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Just how di...

Fedora: Security Advisory for rubygem-rails (FEDORA-2020-4dd34860a3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Programmer Hacks Pregnancy Test to Play Doom

By Waqas A hardware and software reverse engineer managed to run Doom's fully functional game on a pregnancy test. This is a post from HackRead.com Read the original post: Programmer Hacks Pregnancy Test to Play Doom...

Coder-Turned-Kingpin Paul Le Roux Gets His Comeuppance

The programmer who became a flagrant drug lord and weapons trafficker was sentenced in New York City to 25 years in prison...

SimplePHPGal 0.7 - Remote File Inclusion Vulnerability

Exploit for php platform in category web applications Title: SimplePHPGal 0.7 - Remote File Inclusion Author: h4shur Vendor Homepage: https://johncaruso.ca Software Link: https://johncaruso.ca/phpGallery/ Software Link: https://sourceforge.net/projects/simplephpgal/ Tested on: Windows 10 & Google...

[SECURITY] Fedora 30 Update: limnoria-20191109-2.fc30

Supybot is a robust it doesn't crash, user friendly it's easy to configure and programmer friendly plugins are extremely easy to write Python IRC bot. It aims to be an adequate replacement for most existing IRC bots. It includes a very flexible and powerful ACL system for controlling access to...

OMRON CX-One CX-Programmer Program Use after Free (CVE-2019-6556)

A use-after-free vulnerability exists in OMRON CX-One CX-Programmer module. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Omron Cx-programmer Exposure of Sensitive Information to an Unauthorized Actor

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file. File data ot500185.nasl...

Omron Cx-programmer Exposure of Sensitive Information to an Unauthorized Actor

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request. File data ot500217.nasl...

Programmer hacks his attacker; releases decryption keys for Mushtik ransomware

By Sudais "Hey guys, I hacked back this criminal and got the whole database with Mushtik ransomware keys." The last laugh - it's something that everyone would like to have. Turns out, a German programmer by the name of Tobias Fromel had it in a very dramatic fashion. It all started when he was...

OMRON CX-One CX-Programmer CXP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One CX-Programmer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2019-6556

When processing project files, the application Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the...

Code injection

When processing project files, the application Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the...

CVE-2019-6556

CVE-2019-6556 affects Omron CX-Programmer v9.70 and older (within CX-One) and Common Components January 2019 and older. The flaw is a use-after-free during processing of CX project files, allowing an attacker who can entice a user to open a crafted project to execute code with the application’s p...

CVE-2019-6556

When processing project files, the application Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the...

Omron CX-Programmer

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-Programmer within CX-One Vulnerability: Use After Free 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the...

LibreOffice Macro Code Execution

It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script i...

Reddit Gold: Alice and Bob, Caught in a Web of Lies

Alice and Bob, the beloved or not-so-beloved, depending placeholder characters often used in cryptography examples, have been spotted in the middle of a web of deceit and intrigue by eagle-eyed Redditers. Think lies. Broken hearts. Even…murder. Yep, you heard that right. It all starts with the...

Information disclosure

Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions, The affected products do not encrypt or do not sufficiently encrypt the following sensitive information while at rest PII and PHI...