Lucene search
K

812 matches found

securityvulns
securityvulns
added 2013/10/09 12:0 a.m.73 views

CyberArk User Enumeration - Multiple vulnerabilities

Security Advisory - CyberArk User Enumeration - Multiple vulnerabilities ======================================================================== Summary : CyberArk Vault was found prone to multiple user enumeration/harvesting vulnerabilities. Date : 1 August 2013 Affected versions : All Vault...

6.9AI score0.01113EPSS
Exploits0
Kitploit
Kitploit
added 2013/08/14 3:11 a.m.13 views

[Samurai Web Testing Framework v2.1] Live linux environment that has been pre-configured to function as a web pen-testing environment

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/04/10 7:35 p.m.12 views

South Korea Blames North Korea for March Cyberattack

Officials from the Republic of Korea are saying North Korea’s military intelligence agency was responsible for the mid-March malware attacks that knocked several prominent South Korean banks and broadcasters offline, according to a Dow Jones Newswire report. The South Korean Science Ministry...

1.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2013/03/19 7:4 p.m.124 views

Attacks on SCADA, ICS Honeypots Modified Critical Operations

With antiquated gear running the country’s industrial control systems that oversee critical infrastructure, it’s no shock attackers targeting SCADA networks do their fair share of reconnaissance looking for weak spots in that equipment. A researcher decided to put that theory to a practical test...

9.3CVSS0.3AI score0.99966EPSS
Exploits12References2
n0where
n0where
added 2013/01/04 11:10 p.m.47 views

Network Anti-Reconnaissance Tool: Nova

Nova: Network Anti-Reconnaissance Tool The Network Obfuscation and Virtualized Anti-Reconnaissance Nova system is an open-source software tool developed to detect network based reconnaissance efforts, to deny the attacker access to real network data while providing false information regarding the...

0.8AI score
Exploits0References1
The Hacker News
The Hacker News
added 2012/12/05 1:32 p.m.6 views

New U.S. drone hacked by IRAN ? Reality or propaganda?

It's known, drones are privileged vehicles for reconnaissance and attacks, technology has achieved level of excellence and their use is largely diffused, that's why defense companies are providing new solution to make them increasingly effective. But the incredible amount of technological...

6.7AI score
Exploits0
0day.today
0day.today
added 2012/10/27 12:0 a.m.40 views

HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow

This Metasploit module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component coda.exe when parsing requests for the 0x8c opcode. This Metasploit module has been tested successfully on HP Operatio...

7.3AI score0.64685EPSS
Exploits8
ThreatPost
ThreatPost
added 2012/06/07 5:54 p.m.8 views

Report: North Korea Accused Of DDoS Attack On South Korean Airport

North Korean agents have been linked to a malware attack on a South Korea’s Incheon International Airport, according to a report from the JoongAng Daily, a South Korean paper. The paper, citing the Seoul Metropolitan Police Agency, said that a 39 year-old South Korean man was arrested for...

7.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2012/04/10 5:21 p.m.9 views

Zeus Variant Targeting Cloud-Based Payroll Service

There is a new Zeus Trojan variant that is targeting the Canadian human resources and payroll service provider, Ceridian. The attack mixes malware infection with social engineering. Trusteer’s Amit Klein explains that Zeus takes a screenshot of Ceridian’s log-in, then, when a user with an infecte...

2.1AI score
Exploits0References2
The Hacker News
The Hacker News
added 2012/01/28 9:0 p.m.8 views

FBI will Monitor Social Media using Crawl Application

FBI will Monitor Social Media using Crawl Application The Federal Bureau of Investigation is looking for a better way to spy on Facebook and Twitter users. The Bureau is asking companies to build software that can effectively scan social media online for significant words, phrases and behavior so...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2011/10/11 4:50 p.m.13 views

OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release

OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release The third beta of OWASP Mantra Security Toolkit has been released. One of the main features of this version is the multi-language support. Mantra now supports Hindi and Spanish, in addition to English. If you can give us a helping hand by...

7.2AI score
Exploits0
Saint
Saint
added 2011/09/07 12:0 a.m.27 views

MPlayer SAMI Subtitle File Overflow

Added: 09/07/2011 BID: 49149 OSVDB: 74604 Background MPlayer is an open source media player with support for many operating systems. Problem MPlayer does not properly validate the contents of Synchronized Accessible Media Interchange SAMI caption files. If a video references a malformed SAMI file...

0.1AI score
Exploits0
Metasploit
Metasploit
added 2011/08/21 11:40 p.m.43 views

BNAT Router

This module will properly route BNAT traffic and allow for connections to be established to machines on ports which might not otherwise be accessible. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/10 10:51 a.m.9 views

Hackers Get Hacked at #Defcon 19 Conference

Hackers Get Hacked at Defcon 19 Conference There are so many ways to get hacked at the world's largest hacker conference. A hacker could bump against your pocket with a card reader that steals your credit card information. Or a hacker might eavesdrop on your Internet traffic through an unsecured...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/07/19 4:13 p.m.7 views

Malicious PDF Attack Baiting Defense Industry Victims

There has been a spate of spear-phishing attacks against a number of high-profile targets in the last few months, including RSA and others, and that trend is continuing unabated. Researchers have come across a fresh attack using the familiar malicious PDF attachment that appears to be targeting...

1.4AI score
Exploits0References5
ThreatPost
ThreatPost
added 2011/06/21 8:19 p.m.13 views

Google's New Tool, DOM Snitch, Finds JavaScript Flaws

Google announced on Tuesday the availability of a new free application testing tool, dubbed “DOM Snitch,” that it says will help Web application developers find vulnerabilities in client side Web applications. The new application is a Chrome browser extension that works by injecting hooks into a...

1.1AI score
Exploits0References4
The Hacker News
The Hacker News
added 2011/04/29 7:50 a.m.13 views

Live Hacking DVD v1.3 Beta - Download !

Live Hacking DVD v1.3 Beta - Download ! Live Hacking DVD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this 'Live CD" runs directly from the DVD and doesn't require installation on your...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2010/12/18 1:38 a.m.9 views

Metasploit 3.5.1 adds Cisco device exploitation !

Metasploit now enables security professionals to exploit Cisco devices, performs passive reconnaissance through traffic analysis, provides more exploits and evaluates an organization's password security by brute forcing an ever increasing range of services. This latest release adds stealth...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2010/12/16 1:48 a.m.8 views

Mantra: A Browser based Security Framework !

Mantra is a dream that came true for the author. It is a collection of free and open source tools integrated into a web browser – Firefox, which can become handy for students, penetration testers, web application developers, security professionals etc. It is portable, ready-to-run, compact and...

7.2AI score
Exploits0
CERT
CERT
added 2010/06/24 12:0 a.m.122 views

S2 NetBox allows unauthenticated HTTP access to node logs, backups, and employee photographs

Overview S2 NetBox and related products do not adequately restrict access to node logs, backups, and employee photographs. A remote, unauthenticated attacker could use information obtained from a vulnerable system to aid in further attacks. Description S2 NetBox is a line of "...open architecture...

5CVSS6.8AI score0.01918EPSS
Exploits1References4
Rows per page
Query Builder