Lucene search
K

97 matches found

Prion
Prion
added 2020/09/13 8:15 p.m.23 views

Code injection

The VPN service in AVAST SecureLine before 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory which has weak permissions...

2.1CVSS5.5AI score0.00449EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/09/13 7:35 p.m.40 views

CVE-2020-25289

The CVE-2020-25289 entry describes a local file-write vulnerability in the Avast SecureLine VPN service (pre-5.6.4982.470). The issue arises from an Object Manager symbolic link in the log directory that has weak permissions, allowing local users to write to arbitrary files. Some sources corrobor...

5.5CVSS5.5AI score0.00449EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/13 7:35 p.m.33 views

CVE-2020-25289

The VPN service in AVAST SecureLine before 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory which has weak permissions...

5.5AI score0.00449EPSS
Exploits1References1
Hacker One
Hacker One
added 2020/07/27 11:47 a.m.62 views

U.S. Dept Of Defense: [██████████.mil] Cisco VPN Service Path Traversal

Hi team. Summary The Cisco VPN Service at ██████.mil is vulnerable to the CVE-2020-3452 vulnerability, which allows path traversing within the web service's file system on the targeted device. Steps to Reproduce Make a GET request to: http...

5CVSS1AI score0.99992EPSS
Exploits24
Trellix
Trellix
added 2020/04/30 12:0 a.m.20 views

Tales From the Trenches; a Lockbit Ransomware Story

ARCHIVED STORY Tales From the Trenches; a Lockbit Ransomware Story By ATR Operational Intelligence Team · APR 30, 2020 Co-authored by Marc RiveroLopez. In collaboration with Northwave As we highlighted previously across two blogs, targeted ransomware attacks have increased massively over the past...

8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/02/28 5:54 p.m.31 views

Domen toolkit gets back to work with new malvertising campaign

Last year, we documented a new social engineering toolkit we called "Domen" being used in the wild. Threat actors were using this kit to trick visitors into visiting compromised websites and installing malware under the guise of a browser update or missing font. Despite being a robust toolkit, we...

0.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/10/22 12:32 a.m.71 views

Avast, NordVPN Breaches Tied to Phantom User Accounts

Antivirus and security giant Avast and virtual private networking VPN software provider NordVPN each today disclosed months-long network intrusions that -- while otherwise unrelated -- shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2019/09/11 7:41 a.m.83 views

Mozilla Launches 'Firefox Private Network' VPN Service as a Browser Extension

Mozilla has officially launched a new privacy-focused VPN service, called Firefox Private Network, as a browser extension that aims to encrypt your online activity and limit what websites and advertisers know about you. Firefox Private Network service is currently in beta and available only to...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2018/10/20 2:34 p.m.4391 views

Best Piratebay Alternatives and Proxy List for Downloading Torrents

Are you looking for The Pirate Bay, Piratebay proxies, or alternatives to thepiratebay.se? You've come to the right place for the latest Piratebay news and a list of the best torrent sites. The Pirate Bay is one of the world's most famous and best torrent search engines. It allows users to downlo...

6.8AI score
Exploits0
Metasploit
Metasploit
added 2018/07/30 7:25 p.m.35 views

Cisco ASA Directory Traversal

This module exploits a directory traversal vulnerability in Cisco's Adaptive Security Appliance ASA software and Firepower Threat Defense FTD software. It lists the contents of Cisco's VPN web service which includes directories, files, and currently logged in users. This module requires Metasploi...

7.5CVSS0.3AI score0.99903EPSS
Exploits18
Trellix
Trellix
added 2018/07/03 12:0 a.m.9 views

Cybercrime in the Spotlight: How Crooks Capitalize on Cultural Events

ARCHIVED STORY Cybercrime in the Spotlight: How Crooks Capitalize on Cultural Events By John Fokker · July 03, 2018 Every four years, everyone’s head around the globe turns toward the television. The Olympics, the World Cup – world events like these have all eyes viewing friendly competition...

7.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/06/14 12:0 a.m.7 views

The vulnerability of the nordvpn-service software’s VPN service allows a perpetrator to execute arbitrary code with SYSTEM privileges.

The vulnerability of the nordvpn-service software’s VPN service is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands with SYSTEM privileges using a single OpenVPN command...

10CVSS5.9AI score0.0273EPSS
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2018/02/07 1:13 p.m.22 views

Researcher Claims Hotspot Shield VPN Service Exposes You on the Internet

Virtual Private Network VPN is one of the best solutions you can have to protect your privacy and data on the Internet, but you should be more vigilant while choosing a VPN service which truly respects your privacy. If you are using the popular VPN service Hotspot Shield for online anonymity and...

7.5CVSS7.6AI score0.11184EPSS
Exploits3
The Hacker News
The Hacker News
added 2017/10/22 9:29 p.m.22 views

Google to add "DNS over TLS" security feature to Android OS

No doubt your Internet Service Provides ISPs, or network-level hackers cannot spy on https communications. But do you know — ISPs can still see all of your DNS requests, allowing them to know what websites you visit. Google is working on a new security feature for Android that could prevent your...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2017/08/07 11:31 p.m.15 views

Hotspot Shield VPN Accused of Spying On Its Users' Web Traffic

"Privacy" is a bit of an Internet buzzword nowadays as the business model of the Internet has now shifted towards data collection. Although Virtual Private Network VPN is one of the best solutions to protect your privacy and data on the Internet, you should be more vigilant while choosing a VPN...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2017/01/30 12:25 p.m.12 views

Many Android VPN Apps Breaking Privacy Promises

An alarming number of Android VPNs are providing a decidedly false sense of security to users, especially those living in areas where communication is censored or technology is crucial to the privacy and physical security. A study published recently identified a number of shortcomings common to...

7.2AI score
Exploits0References1
NVD
NVD
added 2017/01/27 8:59 p.m.12 views

CVE-2016-1920

Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service...

5.5CVSS5.3AI score0.00382EPSS
Exploits0References2
Prion
Prion
added 2017/01/27 8:59 p.m.15 views

Code injection

Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service...

4.3CVSS6.8AI score0.00382EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/01/27 8:0 p.m.20 views

CVE-2016-1920

Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service...

5.3AI score0.00382EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2016/11/04 5:58 a.m.15 views

Privatoria — Protect Your Privacy Online with Fast and Encrypted VPN Service

Today, most of you surf the web unaware of the fact that websites collect your data and track your locations and makes millions by sharing your search histories, location data, and buying habits with advertisers and marketers. And if this isn't enough, there are hackers and cyber criminals out...

6.6AI score
Exploits0
Rows per page
Query Builder