97 matches found
Code injection
The VPN service in AVAST SecureLine before 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory which has weak permissions...
CVE-2020-25289
The CVE-2020-25289 entry describes a local file-write vulnerability in the Avast SecureLine VPN service (pre-5.6.4982.470). The issue arises from an Object Manager symbolic link in the log directory that has weak permissions, allowing local users to write to arbitrary files. Some sources corrobor...
CVE-2020-25289
The VPN service in AVAST SecureLine before 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory which has weak permissions...
U.S. Dept Of Defense: [██████████.mil] Cisco VPN Service Path Traversal
Hi team. Summary The Cisco VPN Service at ██████.mil is vulnerable to the CVE-2020-3452 vulnerability, which allows path traversing within the web service's file system on the targeted device. Steps to Reproduce Make a GET request to: http...
Tales From the Trenches; a Lockbit Ransomware Story
ARCHIVED STORY Tales From the Trenches; a Lockbit Ransomware Story By ATR Operational Intelligence Team · APR 30, 2020 Co-authored by Marc RiveroLopez. In collaboration with Northwave As we highlighted previously across two blogs, targeted ransomware attacks have increased massively over the past...
Domen toolkit gets back to work with new malvertising campaign
Last year, we documented a new social engineering toolkit we called "Domen" being used in the wild. Threat actors were using this kit to trick visitors into visiting compromised websites and installing malware under the guise of a browser update or missing font. Despite being a robust toolkit, we...
Avast, NordVPN Breaches Tied to Phantom User Accounts
Antivirus and security giant Avast and virtual private networking VPN software provider NordVPN each today disclosed months-long network intrusions that -- while otherwise unrelated -- shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with...
Mozilla Launches 'Firefox Private Network' VPN Service as a Browser Extension
Mozilla has officially launched a new privacy-focused VPN service, called Firefox Private Network, as a browser extension that aims to encrypt your online activity and limit what websites and advertisers know about you. Firefox Private Network service is currently in beta and available only to...
Best Piratebay Alternatives and Proxy List for Downloading Torrents
Are you looking for The Pirate Bay, Piratebay proxies, or alternatives to thepiratebay.se? You've come to the right place for the latest Piratebay news and a list of the best torrent sites. The Pirate Bay is one of the world's most famous and best torrent search engines. It allows users to downlo...
Cisco ASA Directory Traversal
This module exploits a directory traversal vulnerability in Cisco's Adaptive Security Appliance ASA software and Firepower Threat Defense FTD software. It lists the contents of Cisco's VPN web service which includes directories, files, and currently logged in users. This module requires Metasploi...
Cybercrime in the Spotlight: How Crooks Capitalize on Cultural Events
ARCHIVED STORY Cybercrime in the Spotlight: How Crooks Capitalize on Cultural Events By John Fokker · July 03, 2018 Every four years, everyone’s head around the globe turns toward the television. The Olympics, the World Cup – world events like these have all eyes viewing friendly competition...
The vulnerability of the nordvpn-service software’s VPN service allows a perpetrator to execute arbitrary code with SYSTEM privileges.
The vulnerability of the nordvpn-service software’s VPN service is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands with SYSTEM privileges using a single OpenVPN command...
Researcher Claims Hotspot Shield VPN Service Exposes You on the Internet
Virtual Private Network VPN is one of the best solutions you can have to protect your privacy and data on the Internet, but you should be more vigilant while choosing a VPN service which truly respects your privacy. If you are using the popular VPN service Hotspot Shield for online anonymity and...
Google to add "DNS over TLS" security feature to Android OS
No doubt your Internet Service Provides ISPs, or network-level hackers cannot spy on https communications. But do you know — ISPs can still see all of your DNS requests, allowing them to know what websites you visit. Google is working on a new security feature for Android that could prevent your...
Hotspot Shield VPN Accused of Spying On Its Users' Web Traffic
"Privacy" is a bit of an Internet buzzword nowadays as the business model of the Internet has now shifted towards data collection. Although Virtual Private Network VPN is one of the best solutions to protect your privacy and data on the Internet, you should be more vigilant while choosing a VPN...
Many Android VPN Apps Breaking Privacy Promises
An alarming number of Android VPNs are providing a decidedly false sense of security to users, especially those living in areas where communication is censored or technology is crucial to the privacy and physical security. A study published recently identified a number of shortcomings common to...
CVE-2016-1920
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service...
Code injection
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service...
CVE-2016-1920
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service...
Privatoria — Protect Your Privacy Online with Fast and Encrypted VPN Service
Today, most of you surf the web unaware of the fact that websites collect your data and track your locations and makes millions by sharing your search histories, location data, and buying habits with advertisers and marketers. And if this isn't enough, there are hackers and cyber criminals out...