Lucene search
+L

151 matches found

Packet Storm
Packet Storm
added 2018/03/08 12:0 a.m.54 views

Panda Global Security 17.0.1 NULL DACL Grants Full Access

===== Tempest Security Intelligence - ADV-17/2018 === Panda Global Security 17.0.1 - NULL DACL grants full access ------------------------------------------------------- Author: - Filipe Xavier Oliveira: ===== Table of Contents ===================================================== Overview Detail...

7.6AI score0.00299EPSS
Exploits1
Packet Storm
Packet Storm
added 2018/03/08 12:0 a.m.54 views

WPS Free Office 10.2.0.5978 NULL DACL Grants Full Access

===== Tempest Security Intelligence - ADV-16/2018 === WPS Free Office 10.2.0.5978 - NULL DACL grants full access ------------------------------------------------------- Author: - Filipe Xavier Oliveira: filipe.xavier tempest.com.br ===== Table of Contents...

7.6AI score0.00336EPSS
Exploits2
Packet Storm
Packet Storm
added 2018/03/08 12:0 a.m.55 views

Panda Global Security 17.0.1 Unquoted Service Path

===== Tempest Security Intelligence - ADV-18/2018 === Panda Global Security 17.0.1 - Unquoted service path ------------------------------------------------------- Author: - Filipe Xavier Oliveira: sc qc pandaurlfiltering SERVICENAME: pandaurlfiltering TYPE : 10 WIN32OWNPROCESS STARTTYPE : 2...

7.6AI score0.00342EPSS
Exploits1
Packet Storm
Packet Storm
added 2018/03/08 12:0 a.m.53 views

Hola VPN 1.79.859 Insecure Service Permissions

===== Tempest Security Intelligence - ADV-22/2018 === Hola VPN 1.79.859 - Insecure service permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: ===== Table of Contents ===================================================== Overview Detailed...

8.7AI score0.0087EPSS
Exploits2
Packet Storm
Packet Storm
added 2018/03/08 12:0 a.m.57 views

10-Strike Network Monitor 5.4 Unquoted Service Path

===== Tempest Security Intelligence - ADV-20/2018 === 10-Strike Network Monitor 5.4 - Unquoted Service Path ------------------------------------------------------- Author: - Filipe Xavier Oliveira: sc qc srvInventoryWebServer SC QueryServiceConfig SUCCESS SERVICENAME: srvInventoryWebServer TYP...

7.6AI score0.00348EPSS
Exploits1
0day.today
0day.today
added 2018/03/07 12:0 a.m.83 views

Rapid Scada 5.5.0 Insecure Permissions Vulnerability

Exploit for windows platform in category local exploits Rapid Scada - 5.5.0 - Insecure Permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: icacls SCADA SCADA BUILTIN\Administrators:IF BUILTIN\Administrators:IOICIIOF NT AUTHORITY\SYSTEM:IF NT...

7.2CVSS7.4AI score0.00577EPSS
Exploits3
Packet Storm
Packet Storm
added 2018/03/06 12:0 a.m.74 views

Rapid Scada 5.5.0 Insecure Permissions

===== Tempest Security Intelligence - ADV-21/2018 === Rapid Scada - 5.5.0 - Insecure Permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: icacls SCADA SCADA BUILTIN\Administrators:IF BUILTIN\Administrators:IOICIIOF NT AUTHORITY\SYSTEM:IF NT...

0.1AI score0.00577EPSS
Exploits3
Imperva Blog
Imperva Blog
added 2018/01/25 4:15 p.m.28 views

Improve the ROI of Your Database Protection Investment

When an organization considers switching a mission-critical compliance or security system from one vendor’s solution to another it’s a very big decision. There is expense involved in acquiring the new solution, it will take time and money to deploy and retrain staff, and it will take careful...

6.7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/01/04 1:47 p.m.34 views

“Ready Player One” – Are you Ready to Protect Your Endpoints from the Bad Guys?

At times it can feel like a game as you watch the cyber-breach scorecards. Yahoo 3 billion users, Equifax 143 million consumers, Uber 57 million users, Imgur 1.7 million users are just a sample of the companies that have released new information on large breaches in the last few months...

6.7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/12/21 2:40 a.m.11 views

We’re moving to Microsoft Secure

We’re packing up and moving! Starting January 2018, we’ll move our blogs to Microsoft Secure. At Microsoft Secure, you will find technical information for Office 365, Microsoft Azure, and Windows, alongside product updates, cybersecurity guidance, industry trends, and more. You can expect the sam...

6.7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/11/22 8:59 p.m.97 views

SOC Forum 2017: How I Learned to Stop Worrying and Love Massive Malware Attacks

Today I spoke at SOC Forum 2017 in Moscow. It was a great large-scale event about Security Operation Centers. 2,700 people registered. Lots of people in suits . And lots of my good fellows. The event was held in Radisson Royal Congress Park. There were three large halls for presentations and a hu...

6.7AI score
Exploits0
0day.today
0day.today
added 2017/11/01 12:0 a.m.74 views

Sync Breeze 10.1.16 Buffer Overflow Vulnerability

Sync Breeze version 10.1.16 is vulnerable to a buffer overflow vulnerability, which can be exploited remotely or locally to achieve arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" path of the application. Sync Breeze 10.1.16 Buffer Overfl...

6.8CVSS8.2AI score0.05507EPSS
Exploits4
The Hacker News
The Hacker News
added 2017/10/26 11:57 p.m.215 views

Bad Rabbit Ransomware Uses Leaked 'EternalRomance' NSA Exploit to Spread

A new widespread ransomware worm, known as "Bad Rabbit," that hit over 200 major organisations, primarily in Russia and Ukraine this week leverages a stolen NSA exploit released by the Shadow Brokers this April to spread across victims' networks. Earlier it was reported that this week's...

9.3CVSS8.2AI score0.8985EPSS
Exploits18
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/09/06 2:58 p.m.873 views

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

In the first six months of 2017, ransomware threats reached new levels of sophistication. The same period also saw the reversal of a six-month downward trend in ransomware encounters. New ransomware code was released at a higher rate with increasing complexity. Two high-profile ransomware inciden...

9.3CVSS8.5AI score0.9923EPSS
Exploits56
Akamai Blog
Akamai Blog
added 2017/08/15 4:4 p.m.39 views

Akamai Is Named A Leader In Gartner's Magic Quadrant For Web Application Firewalls

"Don't work for recognition, but do work worthy of recognition" - H. Jackson Brown. A friend sent this quote to me after I explained to her my ambivalence about being recognized by Gartner as a "Leader" in their Web Application Firewall Magic Quadrant. I had mixed feelings because I wanted to...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2017/06/28 5:18 a.m.25 views

Microsoft Adding Artificial-Intelligence Based Advanced Antivirus to Windows 10

Microsoft is making every effort to make its Windows operating system more secure and advanced than ever before by beefing up its security practices and hardening it against hackers and cyber attacks in its next release. With the launch of its Windows 10 Creator Update also known as RedStone 3,...

6.5AI score
Exploits0
Akamai Blog
Akamai Blog
added 2017/03/27 2:21 p.m.22 views

Supply Chain Security: Akamai from a Customer's Risk Perspective

Managing risk is a key aspect of any business. This becomes more complicated when additional parties, such as vendors are brought into the mix. One of the strongest pieces of guidance on managing vendors that customers have brought to Akamai comes from the US Office of the Comptroller of the...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2017/01/20 12:0 a.m.71 views

Ghost Blog 0.11.3 Cross Site Scripting

===== Tempest Security Intelligence - ADV-9/2017 ======================== Persistent Cross-Site Scripting XSS in Ghost ------------------------------------------------------- Author: - Patrick Costa Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents...

7.4AI score
Exploits0
0day.today
0day.today
added 2017/01/20 12:0 a.m.52 views

Ghost Blog 0.11.3 Cross Site Scripting Vulnerability

Tempest Security Intelligence Advisory ADV-9/2017 - Ghost Blog version 0.11.3 suffers from a persistent cross site scripting vulnerability. Persistent Cross-Site Scripting XSS in Ghost ------------------------------------------------------- Author: - Patrick Costa Tempest Security Intelligence -...

6.7AI score
Exploits0
0day.today
0day.today
added 2017/01/04 12:0 a.m.49 views

Audacity 2.1.2 DLL Hijacking Vulnerability

Tempest Security Intelligence Advisory ADV-7/2016 - Audacity version 2.1.2 is vulnerable to dll hijacking as it tries to load avformat-55.dll without supplying the absolute path, thus relying upon the presence of such dll on the system directory. This behavior results in an exploitable dll...

6.9AI score
Exploits0
Rows per page
Query Builder