46 matches found
What is the Cb Predictive Security Cloud (PSC)?
In today’s new reality, the device, and the people operating those devices, have taken center stage. Whether in your office or at a Starbucks, your endpoints now have access to some of your organization’s most sensitive data via cloud services, such as Salesforce.com, Office 365, and the Google...
Excerpts from Preparing for NGAV at Scale: Fastest Investigation & Response
Carbon Black recently published a guide to help enterprises gauge their readiness in their initial search for next-generation antivirus, or NGAV; this is an excerpt from that guide, which you can find here. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, helps...
macOS / iOS Kernel 10.12.3 (16D32) - bpf Heap Overflow Exploit
Exploit for multiple platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1125 The bpf ioctl BIOCSBLEN allows userspace to set the bpf buffer length: case BIOCSBLEN: / uint / if d-bdbif != 0 error = EINVAL; else uint size; bcopyaddr, &size, sizeof siz...
Belkin F9K1122v1 1.00.30 - Buffer Overflow (via Cross-Site Request Forgery)
No description provided by source. import socket, sys , base64, struct, string, urllib from getopt import getopt as GetOpt, GetoptError from uuid import getnode as getmac import SimpleHTTPServer, SocketServer TIMELINE ''' 3/16/2016 - First Submission to Belkin no response 5/3/2016 - Second...
Belkin F9K1122v1 1.00.30 - Buffer Overflow (via Cross-Site Request Forgery)
import socket, sys , base64, struct, string, urllib from getopt import getopt as GetOpt, GetoptError from uuid import getnode as getmac import SimpleHTTPServer, SocketServer TIMELINE ''' 3/16/2016 - First Submission to Belkin no response 5/3/2016 - Second Submission to Belkin no response 6/4/2016...
HackerOne Vulnerability Coordination Maturity Model
The proliferation of independent and vendor-sponsored bug bounties has not only put some money in researchers’ pockets, but has also forced enterprises—and software makers—to put processes in place to handle outside bug reports. “Saying you want one is not enough,” said Katie Moussouris, chief...